Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Restrict domain accounts that can log into specific computers?

Posted on 2011-03-16
2
Medium Priority
?
606 Views
Last Modified: 2012-05-11
We use roaming profiles in our office under a Server 2008 domain environment with all windows 7 workstations.

Our managers sit in the same area as support staff and previously they once in a while would use a managers computer for work, since they had a roaming profile.

now managers have access to skype and such, support clerks dont, so i wanted to prevent people from logging into certain machines.

For example only Joe Blow can log into his computer with his domain account, no one else.

is this possible?

i did read up on some methods but they seem rather long and drawn out.
0
Comment
Question by:Mathiau
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 7

Expert Comment

by:brota
ID: 35151827
go to the properties of the user account go to the account tab.
there is a logon to button
0
 
LVL 4

Accepted Solution

by:
bigstyler earned 2000 total points
ID: 35152602
Hi,

in your situation, it shoud be better to use the "deny logon locally" group policy settings : http://technet.microsoft.com/en-us/library/cc957048.aspx

With this method, you will be able to deny a specific group to logon on locally to some specific computers (those that will be in the scope of the GPO).

It will be then more easy for you to deploy this configuration on several computers with group policy and not individually on each computer.

Otherwise, it is possible to define an "allow logon locally" settings, that will do the trick by removing the "domain users" group and adding a group that is containing the granted users.(http://technet.microsoft.com/en-us/library/cc756809(WS.10).aspx)
0

Featured Post

NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
Active Directory can easily get cluttered with unused service, user and computer accounts. In this article, I will show you the way I like to implement ADCleanup..
This Micro Tutorial will give you basic overview of the control panel section on Windows 7. It will depth in Network and Internet, Hardware and Sound, etc. This will be demonstrated using Windows 7 operating system.
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question