Re: Permit only one network logon per user

hello,

have you think about using ADAM instead of a real AD? (less weight, maybe more flexible)
RMS may be a more secure way to protect your stream

--
Cordialement,
Mathieu CHATEAU
http://lordoftheping.blogspot.com


"Christian Thies [Ar]" <ch.thies@xxxxxxxxx> wrote in message news:OsdLuDO4HHA.5316@xxxxxxxxxxxxxxxxxxxxxxx
Roger, you're right. I'm not preventing, I have a clue if I log trys of multiple logins
The content is used 7*24*365. So a logged user will keep logged all the time. Any attempt to log in with an already logged credential is a violation (or error).

You're also right about cconnect, I'm rebuilding my DC after trying, but I think I made a mistake and I'm going to try again

Another point is this, I need to prevent access to a mms (or http) connection, not a shared resource in a netowrk

Regards

"Roger Abell [MVP]" <mvpNoSpam@xxxxxxx> escribió en el mensaje news:OcxFHZN4HHA.1168@xxxxxxxxxxxxxxxxxxxxxxx
Hi Christian,

I guess I do not understand how limiting to one session is in fact
preventing unauthorized access.
Assuming it somehow does help, then how does it make sure that
the correct person is the one allowed the one available session?

Anyway, cconnect and limitlogin are fairly heavy to implement.
Take a look at the following for the select few accounts needed:
http://support.microsoft.com/kb/260364

Roger

"Christian Thies [Ar]" <ch.thies@xxxxxxxxx> wrote in message news:OJ2kARE4HHA.4436@xxxxxxxxxxxxxxxxxxxxxxx
I'm building a product that is accessed with a username and password, and for preventing unauthorized access to it, I need to prevent multiple simultaneous logons with the same username and password



Sorry about my English. Let me know if the answer is clear



Christian

"Steve Riley [MSFT]" <steve.riley@xxxxxxxxxxxxx> escribió en el mensaje news:26CE53B9-E00D-4BB5-B2E2-17E5A305B4DE@xxxxxxxxxxxxxxxx
Why do you need to do this? What security risk do you need to mitigate?

Steve Riley
steve.riley@xxxxxxxxxxxxx
http://blogs.technet.com/steriley


"Christian Thies [Ar]" <ch.thies@xxxxxxxxx> wrote in message news:u71neA13HHA.5724@xxxxxxxxxxxxxxxxxxxxxxx
Hi, I have Windows 2003 domain working. I need to allow only one network logon per user.



The example is:



User: username

Status: Logged



If user username try to login from a different machine, and he is logged in another, the login attempt must be denied



How can I accomplish this?



Thanks in advance











.

Relevant Pages

  • Re: Permit only one network logon per user
    ... making my app to control acces should be te last option. ... and for preventing unauthorized access to it, ... multiple simultaneous logons with the same username and password ... If user username try to login from a different machine, ...
    (microsoft.public.windows.server.security)
  • Re: Permit only one network logon per user
    ... I guess I do not understand how limiting to one session is in fact ... for preventing unauthorized access to it, ... simultaneous logons with the same username and password ... If user username try to login from a different machine, ...
    (microsoft.public.windows.server.security)
  • Re: Permit only one network logon per user
    ... and for preventing unauthorized access to it, ... simultaneous logons with the same username and password ... If user username try to login from a different machine, ...
    (microsoft.public.windows.server.security)
  • Problem handling Login control Authenticate event
    ... login process. ... required for login… they have a username, password, and another “location ... and when the extra input field is submitted ... for the users where this concatenation of the two input field ...
    (microsoft.public.dotnet.framework.aspnet)
  • RE: unable to login as user
    ... unable to login as user ... Log in as root and look closely at the user account. ... the system just seems to hang and then go back to the username ...
    (RedHat)