Restricting User Logons to Workstations in Domain

[Stuart Mackie]

Hi. This is probably a very basic question but I can't seem to find an
answer

At the minute any user in our domain can login to any workstation. We are
not using roaming profiles so a new user account with default settings is
therefore created on the workstation(s).

Is it possible to restrict a user to one workstion so that only they (and
the local admin) can logon ?

Thanks for any help,
Stuart.

 

[Steven L Umbach]

You can configure that in Local Security Policy/security settings/local policies/user
rights assignments for logon locally where you would list administrators and users.
There is also a deny setting, but be careful using it keeping in mind that
administrators are members of the users and administrators group. --- Steve

 

[Michael Bednarek]

Hi. This is probably a very basic question but I can't seem to find an
answer

At the minute any user in our domain can login to any workstation. We are
not using roaming profiles so a new user account with default settings is
therefore created on the workstation(s).

Is it possible to restrict a user to one workstion so that only they (and
the local admin) can logon ?

Active Directory Users and Computers (or shorter: dsa.msc): Double-click
a user, tab: "Account", button: "Log On To..."
or shorter:
NET USER JaneDoe /DOMAIN /WORKSTATIONSC1,PC2
See also: NET HELP USER or
ms-its:c:\winnt\Help\ntcmds.chm::/net_user.htm

 

[Stuart Mackie [MVP, MSP]]

Sorry it took me as long to post back. Thats perfect, thanks for your help.

Stuart.