RE: restrict local users totally

From: Raoul Armfield (armfield@amnh.org)
Date: 01/03/02

Previous message: JohnNicholson@aol.com: "RE: Is it bad enough to resign?"
In reply to: Matt Andreko: "restrict local users totally"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: "Raoul Armfield" <armfield@amnh.org>
To: "'Matt Andreko'" <mandreko@ori.net>, <security-basics@securityfocus.com>
Date: Thu, 3 Jan 2002 13:53:07 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On the domain controller,
> there won't be any local users, because it's a domain
> controller.

Unless I am mistaking, you have to add all Domain users as local
users on your domain controller but edit your policies to restrict
logon to administrator or the administrator group.

Raoul Armfield

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQA/AwUBPDSok4NpNUGLk0LaEQJByACgkE1DU60uY64djOVYyM8g68vxSHcAoIGp
R6OUpOB4/GXTeiR6dj0NEGCf
=i2N3
-----END PGP SIGNATURE-----

Previous message: JohnNicholson@aol.com: "RE: Is it bad enough to resign?"
In reply to: Matt Andreko: "restrict local users totally"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

local users and groups
... My server which is a domain controller does not have local users and groups ... listed under shared folders in the computer management screen whereas my ...
(microsoft.public.windows.server.active_directory)
Re: local users and groups
... A domain controller has no local users and groups, user accounts, security groups, computers on a domain controller are managed with Active directory users and computers from the administrative tools. ...
(microsoft.public.windows.server.active_directory)
Re: Client cant login to domain
... Bill McCormick wrote: ... One work around is to add the user to the local users and ... but there MUST be a way to do it from the domain controller. ... ipconfig /all from this workstation & from your DC. ...
(microsoft.public.windows.group_policy)
Re: Cannot see Local Usersand Groups under System Tools?
... Is this server an Active Directory Domain Controller? ... On domain controllers there are no local users and groups present. ... Microsoft MVP - Windows Security ...
(microsoft.public.windows.server.general)
Existing SS 2003 adding to New Domain Server.
... We have an existing Win Storage Server 2003 running DNS/DHCP/File ... shares for a small office. ... All the users and local users and we have no domain controller. ...
(microsoft.public.windows.server.active_directory)