After a bit of e-mail with the OP, it turns out that the account in question is the built-in Administrator account. I agree on the necessity of simply changing the password on the account, and in the end, I suspect that's the only real viable option, although there are ways to restrict that account's ability to log on to unspecified machines.
Laura > -----Original Message----- > From: Andrew Kleszczewski > [mailto:[EMAIL PROTECTED] > Sent: Thursday, November 10, 2005 11:33 PM > To: [EMAIL PROTECTED]; [email protected] > Subject: Re: Deny Logon by Domain Admin account to specific > PC's or deny to all BUT specific PC's > > The quickest method is already built in to Active Directory. > Simply open the properties on the account and look on the > 'Account' tab. Click the "Logon To" button. Select "The > following computers" radio button and type the workstations > you want the account to be restricted to. > > As an alternate you could search for an MS tool named > LimitLogon. There is additional configuration required, such > as configuring a group policy to associated a login and > logoff script, modifying the schema, and installing the > client on the workstation, etc... Limitlogon will allow you > to restrict concurrent sessions on any account and it > provides logging as well. > > >>> "Hindle, Dallas" <[EMAIL PROTECTED]> > 11/10/05 8:15 > >>> PM >>> > > > Hi all > > > > I assumed this was easy but I must be missing something... > > > > I have a domain admin Account that is used for Services, SQL > Processes, Scheduled Tasks and for automated logons for some > proprietary software... This account has had the password > leak out to a 3rd party whom has decided to share it with > other people in the company. > > > > As I'm sure you agree I need to get his account locked down > ASAP, I want to prevent logon to this account from any pc's > other than the ones I authorise, and I though this was a > simple process, I don't know what I'm missing but if anyone > has any suggestions it would be much appreciated. > > > > > > > > Thanks > > > > Dallas > > > > > > > > > -- > Message protected by MailGuard: e-mail anti-virus, anti-spam > and content filtering. > http://www.mailguard.com.au/mg > > > > -------------------------------------------------------------- > ------------- > -------------------------------------------------------------- > ------------- > > > > ----------------------------------------- > CONFIDENTIALITY NOTICE: > The information in this E-Mail may be confidential and may be > legally privileged. It is intended solely for the addressee(s). If > you are not the intended recipient, any disclosure, copying, > distribution or any action taken or omitted to be taken in reliance > on this e-mail, is prohibited and may be unlawful. If you have > received this E-Mail message in error, notify the sender by reply > E-Mail and delete the message. > > > -------------------------------------------------------------- > ------------- > -------------------------------------------------------------- > ------------- > --------------------------------------------------------------------------- ---------------------------------------------------------------------------
