You can use the setting below
Deny logon locally
Computer Configuration\Windows Settings\Security Settings\Local
Policies\User Rights Assignment
Description
Determines which users are prevented from logging on at the computer. This
policy setting supercedes the Log on locally policy setting if an account is
subject to both policies.
This user right is defined in the Default Domain Controller Group Policy
object (GPO) and in the local security policy of workstations and servers.
By default, there are no accounts denied the ability to logon locally.
--
Tim Hines, MCSE, MCSA
Windows 2000 Directory Services
=====================================================
When responding to posts, please "Reply to Group" via
your newsreader so that others may learn and benefit
from your issue.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
