Restricted local access

G

Guest

Hello
In a Server 2003 environmnet with XP workstations, I need to restrict
workstation access on a given computer to one specific user and prevent
others to use that worstation with their own logon on it. (they have their
own computer that they can use the front desk ones are so handy and close
by...)

I am considering using group policies to acheive this but isn't there a
easier way to specify that workstation x is only to accept logon from user x.
Sort of like: allow this worstation (or MAC address) to accept only this user
logon?

Thanks
Aldo
 
M

Malke

Aldo said:
Hello
In a Server 2003 environmnet with XP workstations, I need to restrict
workstation access on a given computer to one specific user and
prevent others to use that worstation with their own logon on it.
(they have their own computer that they can use the front desk ones
are so handy and close by...)

I am considering using group policies to acheive this but isn't there
a easier way to specify that workstation x is only to accept logon
from user x. Sort of like: allow this worstation (or MAC address) to
accept only this user logon?

Thanks
Aldo
Click to expand...

Why don't you just disable all other user accounts except for the one
you want on the machine? Then if the one person allowed to use the
machine doesn't give out his/her password, no one else can get on. I'm
assuming your users aren't administrators. Just don't disable the
administrator account!

Malke
 
D

Doug Knox MS-MVP

In a domain environment, with roaming profiles, you can't restrict access this way, since its not a local account. Its a domain account, and can log into any workstation where it has permissions. You can use practice pools, but that can be a time consuming process.
 
D

Doug Knox MS-MVP

This article has the tip you need:

http://www.windowsitpro.com/Article/ArticleID/20902/20902.html?Ad=1

The LOGOFF utility that it references (NT4) is already in Windows XP.

Create an empty text file in the Netlogon directory of the server with the filename

<username>.<computername> (example: bobd.workstation3) And then create/modify the domain logon script, using the example cited in the above article. It should work the same way in XP as it did in NT4.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Group Policy restrictions 1
Group Policies not restricting consistently 1
Failure to access local machine uisng IP Security Monitor 1
Anonymous users successfully logging into my pc 4
NTBackup - Unable To Restore To XP Hosted Alternate Path 5
XP access administrative share 2
Can't hide a user 0
Local Admin Account with Deny Logon Locally 5

Top