Q

Prevent all users except admins from logging onto more than one PC

I want to prevent all users (except administrators) connected to our LAN from logging onto more than one computer at any given time, but they should still be able to log on to any computer in their department. How can this be implemented from the Domain Controller level?

I want to prevent all users (except administrators) connected to our LAN from logging onto more than one computer at any given time, but they should still be able to log on to any computer in their department. All users log onto the Windows 2000 domain controller and are Windows professional clients. How can this be implemented from the Domain Controller level?
This is not a perfect solution, but it may get you most of the way there:

1. Go to the server that manages your domain, and use Explorer to open the folder where the user's roaming profiles are stored (usually %SystemRoot%Profiles[username]). 2. Select a user's folder, right-click on it, then select Properties | Sharing. 3. Share out the folder, and under User Limit select "Allow this number of users:" and set the value to 1. 4. Then click Permissions, remove access for all users, and then add access for...

only the user in question.

This only allows one connection at a time to the profile folder, which means that a user cannot log on to the same server twice.

One advantage of doing it this way is that you can select which users to enforce this on. Downside: If you have a lot of users in your LAN, this could be tedious to set up.

This was first published in July 2006

Dig deeper on Microsoft Windows Data Backup and Protection

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close