One option is to deny Logon access to this account via User Rights on machines outside the lab.
Configure with GPO. -ASB FAST, CHEAP, SECURE: Pick Any TWO http://www.ultratech-llc.com/KB/ On 11/3/05, David Aragon <[EMAIL PROTECTED]> wrote: > Background: > We are a fair sized university. Before any students can use any of the > computing resources on campus they have to demonstrate a level of knowledge > or take a class (3 hours a week for 16 weeks) on basic computing skills > (this class also covers how to use the various pieces of software available > to them in the regular computing labs across campus). > > The lab we use consists of about 250 workstations. There are usually three > full classes run each semester. To simplify things, we have created a > communal user for use within the lab. This carries with it certain security > risks we are trying to minimize. One thing we wanted to do was to limit the > use of this communal user to the systems within the lab. That is, we don't > want this user object to be able to log on to any other system within the > university (1 domain, 1 site, approx 8000 systems across 18 OU's). > > Problem: > The "Log On To" setting in the user object seems to be limited to 64 NetBIOS > names and 1024 bytes of information. > > Does anyone have any ideas? I'm sure I've just overlooked something basic. > > Thank you in advance for your comments and suggestions. > > David Aragon > > List info : http://www.activedir.org/List.aspx > List FAQ : http://www.activedir.org/ListFAQ.aspx > List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ List info : http://www.activedir.org/List.aspx List FAQ : http://www.activedir.org/ListFAQ.aspx List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
