Daniel's questions -server

Daniel

Asked: 2012-10-16 13:42:56 +0800 CST

GPO: how to limit the users able to logon to PC?

In an active directory domain I'd like to have some PCs assigned to single people. For example on computer_a, the only people allowed to logon should be person_a plus the various administrators.

One common solution I found is to use the Logon Locally GPO, but this would require creating a new GPO and OU for each computer, as each computer would be assigned to a different user. Is there a better way?

One possible alternative I'm experimenting with is the following:

use GPO to remove from the local users group the following accounts: NT AUTHORITY\INTERACTIVE and NT AUTHORITY\Authenticated Users
add the user domain account to the local users group

This seems to work fine, but I'm worried about possible problems caused by the removal of the two special groups.

Is there a better solution?

Daniel

Asked: 2012-01-08 14:44:48 +0800 CST

Should I put an air purifier in my computer room?

My small computer room (~250 sq ft) seems dusty.

Is there any reason against putting an air purifier in a computer room? Could it cause problems?

GPO: how to limit the users able to logon to PC?

Should I put an air purifier in my computer room?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?