Re: what do I do?
- From: "TimJ" <timJ@xxxxxxxxxxx>
- Date: Mon, 26 Mar 2007 15:22:10 -0400
On 24/03/2007 "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx> wrote:
"timj" <timj@xxxxxxxxxxx> wrote in message
news:ubQ0dgkbHHA.4176@xxxxxxxxxxxxxxxxxxxxxxx
Hi,
I work for a School Board and lately we have found that the kids can by
pass the GPO's. They put their login id and password in then ok, to
login. Once the login process starts they unplug the ethernet cable, they
get a few errors about their profile but now have full access to their
local pc.
Is there a way to stop it?
We use Windows 2000 server and Windows 2003 server.
Thanks
T.
There are a few tricks, like a login script that checks
for a mapped drive (such as to sysvol ?) and if it does
not exist does a logoff, if it does disconnects the share.
There is a group policy setting that requires background
application of policy to be disallowed (i.e. require that
policy is processed synchronously).
One could disable local caching of past logins (set the
number of logins cached to 0)
Hi,
I like your idea about the scripts do you have a sample I could look
at. Our users home directory is set to H: so I guess I could use that mapped
drive.
Thanks
T
.
- Follow-Ups:
- Re: what do I do?
- From: Roger Abell [MVP]
- Re: what do I do?
- References:
- what do I do?
- From: timj
- Re: what do I do?
- From: Roger Abell [MVP]
- what do I do?
- Prev by Date: Re: what do I do?
- Next by Date: Re: what do I do?
- Previous by thread: Re: what do I do?
- Next by thread: Re: what do I do?
- Index(es):
Relevant Pages
|
|
