Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 563
  • Last Modified:

Script to Add Computers Users Can Log On To In AD

We have a Server 2003 environment.  We currently restrict our users from logging on to other computers in AD by specifying what computers they each can Log on to.

The problem we are having is when we add a new server or training computer that all users will be able to log on to, we have to manually go an add this computer/server to each user.  Isn't there a faster way of doing this with some kind of scripting?  I've tried researching it but I keep coming up with Logon scripts like to map drives and printers.  I'm looking for a script that I can run and will add the new computer/server too all users in AD without the need to manually go and add it to each user myself.

Thanks
0
ozzalot
Asked:
ozzalot
  • 2
1 Solution
 
Mike KlineCommented:
Or you could just get a away from using the "log on to" method.   There are two group policies

Logon Locally  http://msdn.microsoft.com/en-us/library/ms813954.aspx

Deny Logon Locally http://msdn.microsoft.com/en-us/library/ms813877.aspx

You could create a GPO and define who is allowed to login or if you want who to deny.   Place the machines in an OU and link the GPO at that level.

Thanks

Mike
0
 
ozzalotAuthor Commented:
Mkline

So using those methods, what would the "Log on to" properties in AD for the users be?  All computers?
0
 
ozzalotAuthor Commented:
Sorry for the delay in answering back
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now