Re: Domain logon without network connection + group policies
From: Danny (nocmonkey_at_gmail.com)
Date: 01/27/05
- Previous message: Pidgorny, Slav: "RE: Dhcp security"
- In reply to: Manuel Sousa: "Domain logon without network connection + group policies"
- Next in thread: Ghetti, Tim: "RE: Domain logon without network connection + group policies"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 27 Jan 2005 16:51:08 -0500 To: Manuel Sousa <manuel.sousa@gmail.com>
On Thu, 27 Jan 2005 12:57:33 +0000, Manuel Sousa <manuel.sousa@gmail.com> wrote:
> Hi,
>
> I've realized that it's possible to logon to a domain without a
> network connection and bypass the group policies.
>
> This provides false security when deploying policies that restrict
> user permissions, so my question is:
> 1. Is it possible to forbid logon if the workstation can't connect to
> the Domain Controller;
> 2. Or is it possible to have a cache of the group policies so that if
> the workstation doesn't have network, it uses the last policies?
>
> One workaround is deploying the policies as local ones, but that
> removes the flexibility of deploying / changing the policies from the
> domain, so i'm open for other suggestions.
Would disabling cached logins solve your problem?
...D
---------------------------------------------------------------------------
---------------------------------------------------------------------------
- Previous message: Pidgorny, Slav: "RE: Dhcp security"
- In reply to: Manuel Sousa: "Domain logon without network connection + group policies"
- Next in thread: Ghetti, Tim: "RE: Domain logon without network connection + group policies"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
