?
Solved

Restrict user to login in a particular machine

Posted on 2010-09-05
8
Medium Priority
?
651 Views
Last Modified: 2012-05-10
Hi all,

I would like to perform the below scenario but I don't know how?

Restrict user A to login his particular machine only and prohibit others except the administrator to login on the same machine.

How can I do that throught the local GPO or domain GPO or how ??
0
Comment
Question by:aswar
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 96

Accepted Solution

by:
Lee W, MVP earned 2000 total points
ID: 33606000
Two suggestions, Remove the domain users group from the list of users in the local computer's users group (and add the user in question)  And/or in Active directory (user account properties) set the computer(s) that the user is allowed to login to.
0
 
LVL 22

Expert Comment

by:chakko
ID: 33606001
You can try this.
Edit the local policy on the computer and set the Allow Logon Locally to only the accounts you want.
http://technet.microsoft.com/en-us/library/cc728212(WS.10).aspx 
0
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 33606002
You COULD do that, but modify the local groups is easier and more common.
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 14

Expert Comment

by:Dhiraj Mutha
ID: 33606004
Go to Start > Run and type 'gpedit.msc' and press enter.
In the next window, expand Computer Configuration > Windows Settings > Security Settings > Local Policies  and select User Rights Assignment
Now on the right pane double click on 'Deny Logon Locally' and add the required users in the same. And restart the system and have a check.
 
0
 
LVL 10

Expert Comment

by:abhijitwaikar
ID: 33606108
0
 
LVL 5

Expert Comment

by:Swapnil Prajapati
ID: 33778568
You can provide system name to be logged on to under User Properties Logon to and specifiy machine name the user need to be logged on.
0
 
LVL 12

Expert Comment

by:Mike
ID: 34082739
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question