Link to home
Create AccountLog in
Avatar of aswar
aswar

asked on

Restrict user to login in a particular machine

Hi all,

I would like to perform the below scenario but I don't know how?

Restrict user A to login his particular machine only and prohibit others except the administrator to login on the same machine.

How can I do that throught the local GPO or domain GPO or how ??
ASKER CERTIFIED SOLUTION
Avatar of Lee W, MVP
Lee W, MVP
Flag of United States of America image

Link to home
membership
Create a free account to see this answer
Signing up is free and takes 30 seconds. No credit card required.
See answer
You can try this.
Edit the local policy on the computer and set the Allow Logon Locally to only the accounts you want.
http://technet.microsoft.com/en-us/library/cc728212(WS.10).aspx 
You COULD do that, but modify the local groups is easier and more common.
Go to Start > Run and type 'gpedit.msc' and press enter.
In the next window, expand Computer Configuration > Windows Settings > Security Settings > Local Policies  and select User Rights Assignment
Now on the right pane double click on 'Deny Logon Locally' and add the required users in the same. And restart the system and have a check.
 
You can provide system name to be logged on to under User Properties Logon to and specifiy machine name the user need to be logged on.
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.