limiting users to single logons...

[bubonicdave]

does anyone know how you can limit user accounts so that
they can only be authenticated once at a time? that is to
say, how do you limit users so that they can only logon to
the domain on one machine at a time.

any solution would be appreciated, or if you know that
this cannot be done, please put me out of my misery as i
have searched everywhere.

cheers,
david

 

[Ray at]

I'm not a network administrator. I'm a programmer who likes to think he
knows what he's talking about when it comes to network admin things, where
in reality, I know next to nothing. :] But the reason I'm replying is that
the damn as/400 guys where I work don't understand why multiple logons
cannot be prevented in our W2K domain. They say, "we can limit as/400
sessions." They didn't understand the difference between authenticating and
logging on. Once we started running some things in Terminal Services, they
could see that the as/400 is much more similar to a terminal server than to
a DC. Does this make sense at all? If so, you'll see why there isn't a
"only let this person log on n times" in the user properties for a domain
user. Having said that, see here.
http://www.jsiinc.com/SUBA/tip0200/rh0296.htm

Ray at home