We are trying to restrict our service accounts in AD to do interactive logon process by pressing the CTRL-ALT-DEL key sequence.
What is the best way to do it? We have all service accounts in an OU in AD. Is it possible to use group policy to restrict that?
Or should I do that in the machine level?