Logon To Particular Pcs Only

S

Sean Macdonald

Hi everyone,

In AD Users and Computers I know it is possible to restrict users
access to specific PCs only.

My question is if it is possible to enter a wildcard or range of
entries here rather than requiring the input of each individual
computer name.

For example if I have the Pcs A1 A2 A3 B1 B2 B3 could I allow a user
access to A* (or similar)to grant him access to A1 A2 & A3?

Thanks For Any Ideas

Sean
 
C

Cary Shultz [A.D. MVP]

Sean,

One thing that you could do is to create a GPO in which you 'deny logon
locally'. You would have to create an OU and put those computer account
objects in that OU and then create the GPO. You can use group filtering -
if needed - to replace the 'Authenticated Users' security group.

Does this help you?

Cary
 
Y

Yevgen Lazaryev

Hi Sean,
You may consider using Cary's method but if you want to assign logon PCs
individually by user you could do it with a script writing to a
"userWorkstations" attribute ...Below is a simple example how to do it
however it can be modified to your needs ....

strUser = InputBox("Enter user name:")
strWildcard = InputBox("Enter specific part of a wildcard:")
strRange = InputBox("Enter Range like 1-5:")
Set objUser = GetObject("LDAP://cn=" & strUser &
",cn=Users,dc=company,dc=com" )
For i = Trim(Split(strRange, "-")(0)) To Trim(Split(strRange, "-")(1))
strWorkstations = strWorkstations & strWildcard & i & ","
Next
objUser.Put "userWorkstations", strWorkstations
objUser.SetInfo

....this assumes that you manually enter user name, part of the wildcard and
the numeric range like in your example ... But you can also take the list of
computers in the domain to check against the wildcard or apply the script to
the group or OU or use it in any other way .... Hope it helps ...

"Sean Macdonald" <[email protected]> a écrit dans le message de
| Hi everyone,
|
| In AD Users and Computers I know it is possible to restrict users
| access to specific PCs only.
|
| My question is if it is possible to enter a wildcard or range of
| entries here rather than requiring the input of each individual
| computer name.
|
| For example if I have the Pcs A1 A2 A3 B1 B2 B3 could I allow a user
| access to A* (or similar)to grant him access to A1 A2 & A3?
|
| Thanks For Any Ideas
|
| Sean
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

multiplication of two array in a particular way 2
Adding values in to table for appropriate fields only 5
Limit users to logon only to computer that belong to user's domain 1
how to use if formula in list (data validation list) 1
Transpose rows to columns 4
Protecting user from changing previous data 5
Data Validation and drop-down list using IF, AND and what else? 8
Copy Data from One sheet to Different Sheets 1

Top