Solved

Restrict domain accounts that can log into specific computers?

Posted on 2011-03-16
2
603 Views
Last Modified: 2012-05-11
We use roaming profiles in our office under a Server 2008 domain environment with all windows 7 workstations.

Our managers sit in the same area as support staff and previously they once in a while would use a managers computer for work, since they had a roaming profile.

now managers have access to skype and such, support clerks dont, so i wanted to prevent people from logging into certain machines.

For example only Joe Blow can log into his computer with his domain account, no one else.

is this possible?

i did read up on some methods but they seem rather long and drawn out.
0
Comment
Question by:Mathiau
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Expert Comment

by:brota
ID: 35151827
go to the properties of the user account go to the account tab.
there is a logon to button
0
 
LVL 4

Accepted Solution

by:
bigstyler earned 500 total points
ID: 35152602
Hi,

in your situation, it shoud be better to use the "deny logon locally" group policy settings : http://technet.microsoft.com/en-us/library/cc957048.aspx

With this method, you will be able to deny a specific group to logon on locally to some specific computers (those that will be in the scope of the GPO).

It will be then more easy for you to deploy this configuration on several computers with group policy and not individually on each computer.

Otherwise, it is possible to define an "allow logon locally" settings, that will do the trick by removing the "domain users" group and adding a group that is containing the granted users.(http://technet.microsoft.com/en-us/library/cc756809(WS.10).aspx)
0

Featured Post

Increase your protection from Zero Day threats!

Running two Antivirus' is never a good idea.
Taking advantage of Multiple Security layers on the other hand can often save your hide.
See which top notch security software brands have been proven to happily coexist together.
Reduce your chances of becoming a statistic.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Active Directory security has been a hot topic of late, and for good reason. With 90% of the world’s organization using this system to manage access to all parts of their IT infrastructure, knowing how to protect against threats and keep vulnerabil…
A hard and fast method for reducing Active Directory Administrators members.
This Micro Tutorial will give you a basic overview of Windows Live Photo Gallery and show you various editing filters and touches to photos you can apply. This will be demonstrated using Windows Live Photo Gallery on Windows 7 operating system.
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question