Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1443
  • Last Modified:

Non-interactive AD account

Hi Experts,

Is there a way I can create a non-interactive or 'lowest permission level' account/group for cerain users who require RADIUS access?

Basically, I have a group of users who have an AD account for the purposes of authenticating via wireless via RADIUS using their non-domain member devices (laptops, Andriod devices etc..) and I need their logins to only work for the sole purpose of authenticating via wireless via RADIUS with no interactive logon access to any domain workstation etc...

I currently have these users in the Domain Guests, Guests group and a security group defining wireless access for the NPS policy, however of course they will still be able to login interactively.

I did create another security group for the sole purpose of 'flagging' the user for non-interactive logon by adding that security group to the 'Deny Logon Locally' group policy and having my non-interactive users in that group as well, however this also cut off authentication via wireless via RADIUS :(
0
BradyAU
Asked:
BradyAU
  • 2
1 Solution
 
Krzysztof PytkoSenior Active Directory EngineerCommented:
I would check for that AD LDS instance. It can be used for authentication but cannot be use for user logon. I don't know if it works for that scenario (I've never done this before) But maybe you are interested in this subject and can dig something in the Internet?

For reference please start with this MS article at
http://technet.microsoft.com/pl-pl/library/cc755080%28WS.10%29.aspx

Regards,
Krzysztof
0
 
BradyAUAuthor Commented:
I was more leaning to just putting the user into a group that had limited access rather than using LDS. E.g. now they are in the Guest group + the WIFI security group.
0
 
BradyAUAuthor Commented:
Idea worked
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Managing Security Policy in a Changing Environment

The enterprise network environment is evolving rapidly as companies extend their physical data centers to embrace cloud computing and software-defined networking. This new reality means that the challenge of managing the security policy is much more dynamic and complex.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now