HIB - Lumension Endpoint Security


Does anyone use Lumension Endpoint Security 4.6

My boss wants me to test it out on whether I can control specific users to specific computers.
Anonymous KHIT EngineerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Anything login restrictions in AD and GPOs dont cover?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
btanExec ConsultantCommented:
IN fact GPO shd be suffice, and for LEMSS it also can integrate with at GPMC
Core Platform

Group Membership Dialog
Add endpoints to your groups using this redesigned dialog, which includes search features and filters for finding ungrouped endpoints. You can also import endpoints using a comma-delineated list. Use this dialog by opening the Groups page, selecting the Endpoint Membership view, and then clicking the Membership button.
Porbably use GPO instead to suite your use case, the LEMSS lockdown does not seems to restrict login esp for those without their agents. They can do discovery and push agent via GPMC setting .. (https://www.lumension.com/kb/Home/L-E-M-S-S-/1662.aspx)

Regardless leveraging GPO (if for Windows only), GPMC can create a new policy for the Users that will be for Restricted Logons to specific machines. Just need to ensure that all users you want to deny access have membership in a particular security group which you will filter in the GPO applied to the computers whose access you want to restrict. Understand there is setting such as "Computer Configuration\Windows Settings\Security Settings\Account Policies\Kerberos Policy"

in addition, also check out "Access this computer from the network"
Determine which users and groups are allowed to connect to the computer over the network. This user right is defined in the Default Domain Controller Group Policy object (GPO) and in the local security policy of workstations and servers. The default groups that have this right on each platform are:

Workstations and Servers
Backup Operators
Power Users

Domain Controllers
Authenticated Users
Anonymous KHIT EngineerAuthor Commented:
Was not the answer I am looking for but thanks.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.