Solved

Restrict user to login in a particular machine

Posted on 2010-09-05
8
644 Views
Last Modified: 2012-05-10
Hi all,

I would like to perform the below scenario but I don't know how?

Restrict user A to login his particular machine only and prohibit others except the administrator to login on the same machine.

How can I do that throught the local GPO or domain GPO or how ??
0
Comment
Question by:aswar
8 Comments
 
LVL 95

Accepted Solution

by:
Lee W, MVP earned 500 total points
Comment Utility
Two suggestions, Remove the domain users group from the list of users in the local computer's users group (and add the user in question)  And/or in Active directory (user account properties) set the computer(s) that the user is allowed to login to.
0
 
LVL 22

Expert Comment

by:chakko
Comment Utility
You can try this.
Edit the local policy on the computer and set the Allow Logon Locally to only the accounts you want.
http://technet.microsoft.com/en-us/library/cc728212(WS.10).aspx
0
 
LVL 95

Expert Comment

by:Lee W, MVP
Comment Utility
You COULD do that, but modify the local groups is easier and more common.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 14

Expert Comment

by:Dhiraj Mutha
Comment Utility
Go to Start > Run and type 'gpedit.msc' and press enter.
In the next window, expand Computer Configuration > Windows Settings > Security Settings > Local Policies  and select User Rights Assignment
Now on the right pane double click on 'Deny Logon Locally' and add the required users in the same. And restart the system and have a check.
 
0
 
LVL 10

Expert Comment

by:abhijitwaikar
Comment Utility
0
 
LVL 5

Expert Comment

by:swap_101982
Comment Utility
You can provide system name to be logged on to under User Properties Logon to and specifiy machine name the user need to be logged on.
0
 
LVL 12

Expert Comment

by:Mike
Comment Utility
This question has been classified as abandoned and is being closed as part of the Cleanup Program.  See my comment at the end of the question for more details.
0

Featured Post

Are end users causing IT problems again?

You’ve taken the time to design and update all your end user’s email signatures, only to find out they’re messing up the HTML, changing the font and ruining the imagery. What can you do to prevent this? Find out how you can save your signatures from end users today.

Join & Write a Comment

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now