How to manage network access for single users in AD

Alter a few settings to limit single user network access in an AD domain to simplify Active Directory management.

Question: We are running a Windows 2000 Active Directory domain controller and a user is running Windows XP SP2

on our domain. How can we set our domain to limit network access and allow only one user to log in? Also, how can we limit domain access to this user's one unique machine? - Posed by a SearchWindowsSecurity.com reader.

Windows network access
Managing Windows network access on additional servers

Managing Windows network access security tutorial

Brad Dinerman's answer: For Active Directory management, you can control network access by restricting the computer(s) to which a user can log on through Active Directory Users and Computers. Open the console and drill down until you find that user. Right-click the user object and select Properties. Select the Account tab and then click the "Log On To" button. You can then enter the name of the computer(s) to which the user should have logon rights. (See screenshot.) He will not be able to log on to any other domain computers.


This was first published in November 2007

Dig deeper on Microsoft Active Directory Security

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchServerVirtualization

SearchCloudComputing

SearchExchange

SearchSQLServer

SearchWinIT

SearchEnterpriseDesktop

SearchVirtualDesktop

Close