Re: Access restriction for domain user
From: Tim Springston [MS] (tspring_at_online.microsoft.com)
Date: 09/08/04
- Previous message: Tim Springston [MS]: "Re: Advanced object auditing properties documentation."
- In reply to: Miha Pihler: "Re: Access restriction for domain user"
- Next in thread: Miha Pihler: "Re: Access restriction for domain user"
- Reply: Miha Pihler: "Re: Access restriction for domain user"
- Reply: Simon: "Re: Access restriction for domain user"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 8 Sep 2004 10:45:37 -0500
You could also set the user account property in Active Directory Users and
Computers to only allow logon to specific computer(s). This does not test
the OS of the computers you specify though.
-- Tim Springston Microsoft Corporation This posting is provided "AS IS" with no warranties, and confers no rights. "Miha Pihler" <mihap-news@atlantis.si> wrote in message news:OYaqGpFlEHA.3520@tk2msftngp13.phx.gbl... > Hi Simon, > > There are two settings in Group or Local Policy that should help you out. > This will keep user away from computer based on user’s permission > and based > on computers policy settings. Set this policy at level that suites you > best > (e.g. OU level). > > Create new policy (or edit existing one) and under Computer Settings -> > Windows Settings -> Security Settings -> Local Policies -> User Rights > Assignment. > > Here look for policy "Log on Locally" and "Deny Log on Locally" You can > add > your users that may only logon from certain computers on majority of > server > to "Deny Log on Locally" (to make it easier create a group and add group > to > policy while you add your users to this group). > > Now your users will only be able to log on to domain from computers that > don't have this policy applied. > > When creating policy make sure you don't lock yourself out. > > Mike > > "Simon" <t-chofu@microsoft.com> wrote in message > news:OuIqsdFlEHA.3912@TK2MSFTNGP12.phx.gbl... >> I want to set up an access restriction to W2K and W2003 domain users. >> Some users are only allowed to log on the domain from a certain PC. >> Is it possible to specify an IP address or Mac address somewhere in user >> profile? >> Or are there any ways to be able to manage this? >> >> Any advice would be appreciated. >> >> Simon >> > >
- Previous message: Tim Springston [MS]: "Re: Advanced object auditing properties documentation."
- In reply to: Miha Pihler: "Re: Access restriction for domain user"
- Next in thread: Miha Pihler: "Re: Access restriction for domain user"
- Reply: Miha Pihler: "Re: Access restriction for domain user"
- Reply: Simon: "Re: Access restriction for domain user"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
