Restricted local access

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Hello
In a Server 2003 environmnet with XP workstations, I need to restrict
workstation access on a given computer to one specific user and prevent
others to use that worstation with their own logon on it. (they have their
own computer that they can use the front desk ones are so handy and close
by...)

I am considering using group policies to acheive this but isn't there a
easier way to specify that workstation x is only to accept logon from user x.
Sort of like: allow this worstation (or MAC address) to accept only this user
logon?

Thanks
Aldo
 
Aldo said:
Hello
In a Server 2003 environmnet with XP workstations, I need to restrict
workstation access on a given computer to one specific user and
prevent others to use that worstation with their own logon on it.
(they have their own computer that they can use the front desk ones
are so handy and close by...)

I am considering using group policies to acheive this but isn't there
a easier way to specify that workstation x is only to accept logon
from user x. Sort of like: allow this worstation (or MAC address) to
accept only this user logon?

Thanks
Aldo
Click to expand...

Why don't you just disable all other user accounts except for the one
you want on the machine? Then if the one person allowed to use the
machine doesn't give out his/her password, no one else can get on. I'm
assuming your users aren't administrators. Just don't disable the
administrator account!

Malke
 
In a domain environment, with roaming profiles, you can't restrict access this way, since its not a local account. Its a domain account, and can log into any workstation where it has permissions. You can use practice pools, but that can be a time consuming process.
 
This article has the tip you need:

http://www.windowsitpro.com/Article/ArticleID/20902/20902.html?Ad=1

The LOGOFF utility that it references (NT4) is already in Windows XP.

Create an empty text file in the Netlogon directory of the server with the filename

<username>.<computername> (example: bobd.workstation3) And then create/modify the domain logon script, using the example cited in the above article. It should work the same way in XP as it did in NT4.
 
Back
Top