Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET Coming Soon: GET:IT Endpoint Management 1-Day Conference on September 28th at 9:30 AM ET

Only allow certain users to log into certain machines

Home Forums Microsoft Networking and Management Services GPO Only allow certain users to log into certain machines

Viewing 1 post (of 1 total)
  • Author
    Posts

  • Jeff Cornick
    Member
    #166729

    VERY new to GPO’s so I apologize if this is simple for some of you.

    I’d like to have a GPO only allow a group of users be able to log into a few machines. All other users should get a message of some sort saying you’re not allowed to do this.

    Server 2008R2.

    This is what I’ve done so far in GPM:
    Security Filtering:
    Created a GPO where I added the group and the machine.

    Delegation:
    Changed the permissions on the machine as well as the group to have Read (from Security Filtering) and ticked the box for “apply group policy” under Advanced.

    This is what I’ve done so far in the GPME:
    Computer Configuration>policies>security settings>local policies>User Rights Assignment
    Allow log on locally – I added the group that I want to have the ability to do this.

    I can still log into those specific machines without an issue under any user.

    Any help would be greatly appreciated.

    Thanks.

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

Live Webinar: Active Directory Security: What Needs Immediate Priority!Live on Tuesday, October 12th at 1 PM ET

Attacks on Active Directory are at an all-time high. Companies that are not taking heed are being punished, both monetarily and with loss of production.

In this webinar, you will learn:

  • How to prioritize vulnerability management
  • What attackers are leveraging to breach organizations
  • Where Active Directory security needs immediate attention
  • Overall strategy to secure your environment and keep it secured

Sponsored by: