Do not allow other domain user logon to specific workstation

[Guest]

In our network I wanted to configure on win2k professional workstation such a way only one specific domain user allow to login to domain.

 

[Steven L Umbach]

Hi Maha.

Open the Local Security Policy - secpol.msc and go to security settings/local
policies/user rights and configure the user right for logon locally to contain what
users/groups that you need. There is also a deny logon locally user right which
should be used with care as it will override the logon locally user right for a user
or group and keep in mind that administrators are in the users and everyone groups.
Local Security Policy can be overridden by domain/OU policy which would be evidenced
by effective settings being different than local settings. --- Steve

In our network I wanted to configure on win2k professional workstation such a way

only one specific domain user allow to login to domain.

 

[Guest]

Thanks Steven,
My workstation is joined to doamin. I do have local admin rights. I want to stop other domain user logon to domian (not log on locally) from my workstation
As you said Local Security Policy can be overridden by domain/OU policy becasue of this i gues it is not possible.

Pls let me know
Thanks again steven

 

[Steven Umbach]

Try going into Local Security Policy and configure the user right to logon
locally to have just administrators and your domain account which may accomplish
what you want unless there is domain/OU policy configured which by default it is
not. --- Steve

Thanks Steven,
My workstation is joined to doamin. I do have local admin rights. I want to

stop other domain user logon to domian (not log on locally) from my
workstation

As you said Local Security Policy can be overridden by domain/OU policy

becasue of this i gues it is not possible.