Sign in with
Sign up | Sign in
Your question
Solved

Prevent login

Last response: in Networking
Share
February 18, 2010 12:30:23 AM

I own a small home Windows Server 2008 domain based network. all the clients on the network run windows 7. here is the problem. i am in charge of ensuring that my brother is shut down at 9:30 every night. to address this i created a simple script which shuts him down every night at this time. then within his account settings in active directory i restrict his log in hours appropriately so that if he attempts to log in after those hours that it will lock him out. recently my brother has found a loophole in my networks security. he is able to bypass the log in restriction by disconnecting his computer from the LAN then logging in. once he is logged in he then reconnects himself to the LAN and is then able to access the internet but not the network resources. i use a router and not a proxy server but will not be able to implement a proxy server any time soon. what can i do to prevent my brother from logging in when he is disconnected from the LAN? any help is greatly appreciated.

More about : prevent login

February 18, 2010 12:40:51 AM

A good flogging may help. :) 

Can't you add access restrictions at the router? Many routers will allow you to limit Internet access based on MAC address, schedule, etc. If the only problem is Internet access (other network resources remain inaccessible), that would seem to be the place to take action.

Of course, since you live in the same house, there’s probably ALWAYS going to be a way around your security measures, including just disconnecting the router and running an Ethernet cable from his PC directly to the modem. There’s only so much you can do when someone has physical access.

m
0
l
February 18, 2010 12:50:41 AM

thanks for the reply. is there any local policy i can implement that would deny him access to certain executables after a specified time?
m
0
l
Related resources

Best solution

February 18, 2010 12:56:46 AM

Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon and set cachedlogonscount to 0.
Share
February 18, 2010 1:03:32 AM

alright, i will try this in a second, i knew the password was being cached somewhere on the local system i just didn't know how to prevent it from cacheing the password. ill report back my results
m
0
l
February 18, 2010 1:09:42 AM

Also make sure that he doesn't have administrator rights on that PC. Power users only have read access to that key.
m
0
l
February 18, 2010 1:14:32 AM

that worked like a charm, thanks for the help
m
0
l
February 18, 2010 1:14:51 AM

Best answer selected by clean14.
m
0
l
February 18, 2010 1:19:58 AM

clean14 said:
that worked like a charm, thanks for the help

He sure won't appreciate...
m
0
l
!