Solved

Script to Add Computers Users Can Log On To In AD

Posted on 2011-02-22
3
554 Views
Last Modified: 2012-05-11
We have a Server 2003 environment.  We currently restrict our users from logging on to other computers in AD by specifying what computers they each can Log on to.

The problem we are having is when we add a new server or training computer that all users will be able to log on to, we have to manually go an add this computer/server to each user.  Isn't there a faster way of doing this with some kind of scripting?  I've tried researching it but I keep coming up with Logon scripts like to map drives and printers.  I'm looking for a script that I can run and will add the new computer/server too all users in AD without the need to manually go and add it to each user myself.

Thanks
0
Comment
Question by:ozzalot
  • 2
3 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 500 total points
ID: 34953319
Or you could just get a away from using the "log on to" method.   There are two group policies

Logon Locally  http://msdn.microsoft.com/en-us/library/ms813954.aspx

Deny Logon Locally http://msdn.microsoft.com/en-us/library/ms813877.aspx

You could create a GPO and define who is allowed to login or if you want who to deny.   Place the machines in an OU and link the GPO at that level.

Thanks

Mike
0
 

Author Comment

by:ozzalot
ID: 34960515
Mkline

So using those methods, what would the "Log on to" properties in AD for the users be?  All computers?
0
 

Author Closing Comment

by:ozzalot
ID: 35111996
Sorry for the delay in answering back
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In this article, we will see the basic design consideration while designing a Multi-tenant web application in a simple manner. Though, many frameworks are available in the market to develop a multi - tenant application, but do they provide data, cod…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now