limit domain user login to specific group on 2 xp machines

Archived from groups: microsoft.public.win2000.group_policy (More info?)

All,

I am trying to limit domain usage on a couple of computers in a
computer "lab" setting. I would like to have a specific domain group
(group x) login to two student machines in this lab setting. This group
(other than admins) should be the only people to be able to do this.

I have tried a fix I read about in another posting that had me deleting
the "domain users account under the "users" group in "groups" from
managing "local users and groups" in the "computer management" console,
and replacing with the specific user(s) from the domain, it did not
work, and I am not sure why (I even deleted all exisiting domain
profiles).

Any Ideas?

Thanks in advance,

-Patrick Montag
2 answers Last reply
More about limit domain user login specific group machines
  1. Archived from groups: microsoft.public.win2000.group_policy (More info?)

    Try setting the local security policy setting
    Local Policies-User Rights Assignments-Log on Locally
    set this to the AD group/groups you created.
  2. Archived from groups: microsoft.public.win2000.group_policy (More info?)

    By default, members of the local groups, Administrators, Backup Operators,
    Power Users, Users and Guest (if its enabled) can logon locally. Perhaps
    the users you don't want to be able to logon locally are members of another
    of these groups besides Users.

    You can control who can logon locally using the Group Policy settings in
    Computer Configuration
    Windows Settings
    Security Settings
    Local Policies
    User Rights Assignment
    Allow log on locally
    and
    Deny log on locally

    Remember that "deny" supercedes "allow", so if a particular user gets both
    Allow and Deny (e.g. by being members of several groups), they won't be able
    to log on locally.

    --
    Bruce Sanderson MVP Printing
    http://members.shaw.ca/bsanders

    It is perfectly useless to know the right answer to the wrong question.


    "Patrick" <pat.montag@gmail.com> wrote in message
    news:1126542642.999601.297590@o13g2000cwo.googlegroups.com...
    > All,
    >
    > I am trying to limit domain usage on a couple of computers in a
    > computer "lab" setting. I would like to have a specific domain group
    > (group x) login to two student machines in this lab setting. This group
    > (other than admins) should be the only people to be able to do this.
    >
    > I have tried a fix I read about in another posting that had me deleting
    > the "domain users account under the "users" group in "groups" from
    > managing "local users and groups" in the "computer management" console,
    > and replacing with the specific user(s) from the domain, it did not
    > work, and I am not sure why (I even deleted all exisiting domain
    > profiles).
    >
    > Any Ideas?
    >
    > Thanks in advance,
    >
    > -Patrick Montag
    >
Ask a new question

Read More

Domain Login Windows XP Windows