Limiting number of logons

  • Thread starter Thread starter Alan Coleman
  • Start date Start date
A

Alan Coleman

How do I limit the number of workstations a user (or group of users) can log
onto. My users are constantly letting other people logon to machines using
their usernames and passwords despite clear rules to the contrary. Although
this won't completely solve the problem, I need a way to restrict users so
they can only logon to one domain machine at a time. But I don't see an
option in the active directory to do this.
 
Do you want to restrict each user so that they can only log onto their own
individual workstation?

In the Property sheet for the user object, click on the Account tab, and
then "Log onto". This setting is creating on a per-user basis, not through
AD/Group Policy. (Though I imagine it could be scripted.)

If you're looking to limit users to one concurrent logon (but still allow
them to log onto multiple machines), you can also look at the cconnect.exe
utility that's a part of the Windows 2000 Resource Kit. (It's unfortunately
not one of the free tools, you need to buy the print copy of the RK and it's
on the companion CD.)

http://www.tburke.net/info/reskittools/topics/cconnect.htm
 
Thanks,

But I'd like to point out how stupid it is that I need to pay extra for what
should be a fairly STANDARD functionality.

I will look into this though.
 
I do not understand why people need other user accounts to logon to the
network. If they have an account why would they need to do this?
 
Because my users are stupid.... sad but true. It's very hard to educate
them about anything and I can't seem to get them to understand that if you
want someone else to have access to a file, you can email it to them, or put
it on one of the shared space available for their system or department.
They just think "well if I give them access to my account, then they can get
to my files". They have no concept of the security implications.
 
Back
Top