Disable remote connections from users

  • Thread starter Thread starter Clay Hilton
  • Start date Start date
C

Clay Hilton

I need to do some work this weekend on one of my Windows 2000 file servers.
It is part of an NT4 domain. I would like to work on it remotely through
terminal services. The catch is I need to disable access for all other
users. I will be replacing a lot of user data and I do not want any of the
users to connect while I am doing this work. Is there a way to allow only
one user to connect to this server? Oh -- this server holds everyones home
directories so I do not want to change permissions on the file shares.

thanks,
Clay
 
Thanks for the tip. Will this disable connections to this server only? I
assume I can change the switch to re-enable connections - or if I just
reboot will this re-enable the user connections. Also since I have about
1600 users this would be a bit cumbersome -- does anyone know of any other
options?

thanks,
Clay Hilton
 
In reply to your questions:

- Try the command with one user, to see what effect it has.
- After you have done your test, try to re-enable the account.
- To disable 1600 users, you must establish a user list. Here
is a batch file that will do it:
@echo off
net user | more +4 | find /i /v "successfully" >%temp%\users.1
if exist %temp%\users.2 del %temp%\users.2

for /F "tokens=1" %%n in (%temp%\users.1) do echo %%n>>%temp%\users.2
for /F "tokens=2" %%n in (%temp%\users.1) do echo %%n>>%temp%\users.2
for /F "tokens=3" %%n in (%temp%\users.1) do echo %%n>>%temp%\users.2

type %temp%\users.2 | sort > %temp%\users.txt

You must now examine users.txt and remove all system accounts,
since you don't want to disable those!

When you're ready, you can disable the accounts in bulk from a
Command Prompt like so:

for %a in (%temp%\users.txt) do net user %a /active:no
 
Clay Hilton wrote in
I need to do some work this weekend on one of my Windows 2000 file
servers. It is part of an NT4 domain. I would like to work on it
remotely through terminal services. The catch is I need to
disable access for all other users. I will be replacing a lot of
user data and I do not want any of the users to connect while I am
doing this work. Is there a way to allow only one user to connect
to this server? Oh -- this server holds everyones home
directories so I do not want to change permissions on the file
shares.
Click to expand...

Absolutely UNcertain and unverified!
net pause netlogon
_might_ keep new logons out while existing sessions continue.

This is in no way solid information. YMMV
 
Back
Top