I’m trying to prevent a minor from using any PCs after a certain time of day. What I have been doing was working fine until he discovered that all my policies can be bypased if the network is unplugged. Here’s what I have in place now:
1.) Time restrictions for user accounts in AD.
2.) Scheduled task on PDC that initiates an remote shutdown via simple .BAT file.
As I said this works great as long as the PCs are plugged in, but what (if anything) can I do to prevent logon using cached account information when the machine is unable to reach the DC?