L
leegold
Simple question I think:
On a LAN I have several win2kpro client PCs.
I have admin. rights locally on these PCs.
Note: We're in similar to a library setting w/many patrons using these PCs.
I notice the average user, ie. the user name that we
logon with and each customer subsequently uses is in the: "power user" group.
So, wanting to be more secure, I switch the "average user" to just the "user" group.
But find that now with "average user" can not logon after the bootup.
Win2K message says "This user can not log in interactively".
Ques:
If I go into: Control panel>Local Security Policy>Security settings>user rights assignment>
logon locally...and check "users" ...or better yet (?) add the specific user only...
Well, is this a fairly good practice to get abit more secure?
I'm assuming that I won't be over-ridden by domain controller policy.
Thanks,
Lee
On a LAN I have several win2kpro client PCs.
I have admin. rights locally on these PCs.
Note: We're in similar to a library setting w/many patrons using these PCs.
I notice the average user, ie. the user name that we
logon with and each customer subsequently uses is in the: "power user" group.
So, wanting to be more secure, I switch the "average user" to just the "user" group.
But find that now with "average user" can not logon after the bootup.
Win2K message says "This user can not log in interactively".
Ques:
If I go into: Control panel>Local Security Policy>Security settings>user rights assignment>
logon locally...and check "users" ...or better yet (?) add the specific user only...
Well, is this a fairly good practice to get abit more secure?
I'm assuming that I won't be over-ridden by domain controller policy.
Thanks,
Lee