Any Domain user can log on to my XP Pro machine

G

Guest

We have a Microsoft Small Business Server 4.5 (basically NT Server) network.
As I have started to add Windows XP Pro computers to this network, I have
noticed that any user with a valid domain username and password can walk up
to an XP machine and use their login information to log onto that computer.
While security is not my concern here, it seems odd to me that the domain
validation is enough for the person to be able to use someone else's
computer. Is there a way to explicitly limit logins in XP to only those that
have a user account on that XP machine?

Thanks in advance,

Keith
 
L

Leythos

While security is not my concern here, it seems odd to me that the domain
validation is enough for the person to be able to use someone else's
computer.
Click to expand...

That's one of the reasons to have a domain- so that you can logon from
anywhere and get to your files.

If you want to limit users to specific machines, the look in the
security settings on the server.

Since being able to roam is normal, you might want to consider using
protected storage space on the server if you have something you don't
want them to access.
 
C

Chuck

We have a Microsoft Small Business Server 4.5 (basically NT Server) network.
As I have started to add Windows XP Pro computers to this network, I have
noticed that any user with a valid domain username and password can walk up
to an XP machine and use their login information to log onto that computer.
While security is not my concern here, it seems odd to me that the domain
validation is enough for the person to be able to use someone else's
computer. Is there a way to explicitly limit logins in XP to only those that
have a user account on that XP machine?

Thanks in advance,

Keith
Click to expand...

Keith,

By default, the special domain group Everyone ("Domain Users"?) has the ability
to login locally to each computer joined to the domain. You can remove Domain
Users from the access list for the sensitive computers, and add individual
accounts, or add specialised domain groups, to each. It's your choice.

--
Cheers,
Chuck
Paranoia comes from experience - and is not necessarily a bad thing.
My email is AT DOT
actual address pchuck sonic net.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Access a Windows XP machine not on the domain 2
XP Professional Drops connection to domain 1
user accounts on xp client in windows domain network 2
Long login time following username/password 6
Problem mapping network shares in domain 3
Cannot access My Documents on XP machine in a domain 1
XP Pro - Logging on to Domain issues 17
Logging on to NT Domain 1

Top