Joe, (or is that joe) brings a good point. What exactly are you trying to prevent? Are you trying to prevent people from logging onto other people's workstations?
The casual user usually has no rights to log on interactively on a server unless they are on the list of local administrators.
Wook
From: joe
Sent: Fri 6/4/2004 9:58 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD Account question
Note that this only stops interactive logon...
An enterprising user could still use NET USE /USER to connect to other machines across the network OR use RUNAS or CPAU to run as that user on any machine.
joe
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Thommes, Michael M.
Sent: Thursday, June 03, 2004 4:38 PM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] AD Account question
Yep. In ADUC go to your User Account/Properties...Account tab..."Log On To" button...add computer name.
Mike Thommes
-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, June 03, 2004 3:11 PM
To: [EMAIL PROTECTED]
Subject: [ActiveDir] AD Account question
I wanted to create a account where it will only let you log into 1 computer only and no others. Is there a way to do this? I know in Netware you could do it off of a MAC address.
Thanks again
Ryan McDonald
Systems Administrator
