Solved

Deleting Computer From AD Still Lets me Login

Posted on 2016-10-24
1
52 Views
Last Modified: 2016-11-28
I noticed that after I delete a Computer from AD I can still login into the domain with a valid user name.  The network shows as Unauthenticated but I am still able to browse shares, etc.

Is there a way to prevent access to the domain when a Computer has been either deleted or disabled?

We do have NPS and I have a feeling it all starts there...

Thank you!
0
Comment
Question by:IDMA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 41857253
To authenticate from a client does not imply that this client has to be domain joined, that's all. You can use the credentials anywhere. To protect against that, you'd need to use ipsec in connection with ipsec based firewall rules. These rules would enforce, that the computer authenticates before access is allowed.
0

Featured Post

Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article describes my battle tested process for setting up delegation. I use this process anywhere that I need to setup delegation. In the article I will show how it applies to Active Directory
This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…

735 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question