restrict users to login to the domain

Posted on 2011-04-27
Last Modified: 2012-05-11
we have windows server 2003.  i want to restrict users to login to the server.

i want to create a user like, he should add client to domain, change the date and time, change network properties. but he should not get any administrator rights. and he should be able to login in to the server.

please give me some guidence to create group policies to give this type of policies.
Question by:ramachandraraju
    LVL 10

    Expert Comment

    by:Muzafar Momin

    Author Comment

    hi muzafar 13,

    thanks for ur response. i did the delegation but my query is,
    the should able to add the client to the server. but he should not able to log in  into the server. how to restrict a user from log in into the server.
    LVL 5

    Accepted Solution

    within the group policy that is applied to the server [assuming domain controller with Default Domain Controller Policy enabled] modify the following

    COMPUTER  CONFIGURATION - Policies - Windows Settings - Local Policies/user Rights Assignment.
    Configure the deny logon locally or logon through terminal server to prohibit a user from logging into the server.

    Author Comment

    i need more information. because i didnt get exact information. i want to block all the users except some ADMIN persons. please provide some help to restrict all the users login into Domain controller.

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Suggested Solutions

    I know all systems administrator at some time or another has had to create a script to copy file from a server share to a desktop. Well now there is an easy way to do this in Group Policy. Using Group policy preferences is not hard. The first thing …
    NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
    This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
    This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

    761 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now