Problem solve Get help with specific problems with your technologies, process and projects.

Limit network access points to boost endpoint security

You can improve endpoint security in your Windows network by managing network access points. Learn how in this tip.

Question: We would like to have a PC on our network that only one user can access. How can we go about doing this?

Wes Noonan's answer: To do so, you need functional NetBIOS. So you also need to ensure that systems can be resolved

Managing Windows network endpoints
Managing Windows network access security tutorial

Windows network perimeter security

by broadcast or that you have implemented WINS. If you are using Active Directory Users and Computers, you can right-click a user and select the Account tab and you will see the Log On To button. Click the button, and you will see the Logon Workstations screen. You can select the computer(s) for which the user is allowed access, which enables a user to log on to only the specified workstation.

If you want to prevent anyone else from logging in to the workstation, you can do so in one of two ways. First, select all the users except the user you configured above, and bring up the Properties screen. This will display the properties for all the selected users.

Select the Account tab and check the box next to Computer Restrictions. Next, click the Log On To box, and in the Logon Workstations screen select all the computers other than the one you don't want others to log in to. If you create additional users or workstations, you also need to update these settings accordingly.

Alternatively, if you use something like Windows Scripting Host for your login script, you can write a script locates the logon workstation. If it detects that the workstation is the one you don't want anyone to log in to, it immediately logs them out. I recommend the Win32 scripting site for examples of scripts with this kind of functionality.

Dig Deeper on Windows Server troubleshooting

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.