[THIN] Re: Restricting Logon Access based on User Accounts

Well, I created a "Client Computers" OU, which resides on the same level as
the "Domain Controllers" OU, and I assigned the Deny Logon Locally to the
appropriate group.  However, it doesn't work.  Do I need to enable Loopback
processing, or put the "Client Computers" OU underneath the "Domain
Controllers" OU?  Thanks.

Dean


This message contains information which may be confidential and privileged.
Unless you are the addressee (or authorized to receive for the addressee),
you may not use, copy, or disclose to anyone the message or any information
contained in the message.  If you have received the message in error, please
advise the sender by e-mail reply to dino7@xxxxxxxxxxxxx, and then delete
the message.

-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx]On Behalf
Of Chris Lynch
Sent: Sunday, October 27, 2002 9:10 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: Restricting Logon Access based on User Accounts


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

You can create a GPO that would Deny Logon Locally for the specific
groups you wanted.  This can apply to the workstations within their
parent OU.

CHRIS LYNCH -  MCSE, CCNA, CCA
NETWORK ENGINEER - INFORMATION TECHNOLOGY
NRT Incorporated, 27271 Las Ramblas, Mission Viejo, CA 92691
Chris.lynch@xxxxxxxxxx  Tel 949.367.3406


- -----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Dean Theophilou
Sent: Sunday, October 27, 2002 8:42 PM
To: thin@xxxxxxxxxxxxx; windows2000@xxxxxxxxxxxxx
Subject: [THIN] Restricting Logon Access based on User Accounts


Hello:

            I was wondering how I can restrict logon access based on
the user's account.  I have a single server domain set up as a
Terminal Server and each user has two accounts: one for normal logons
and one for TS logons. What I want is for users to log on to their
local machines with their normal account, and then, when needed, log
on to the TS through the Client Connection Manager with their TS
accounts.  In other words, I want to prohibit users from logging on
to their local machines with their TS accounts.

            I've been reading about the Loopback Processing policy,
but that seems to work only for machine-specific situations, rather
than user-specific.  I would greatly appreciate any advice on how to
proceed. Thank you.

Dean Theophilou


This message contains information which may be confidential and
privileged. Unless you are the addressee (or authorized to receive
for the addressee), you may not use, copy, or disclose to anyone the
message or any information contained in the message.  If you have
received the message in error, please advise the sender by e-mail
reply to dino7@xxxxxxxxxxxxx, and then delete the message.



**********************************************
This weeks Sponsor NetX Inc Thin Client
NetX Develops XP and NT Embedded
Thin Client Solutions, Easy to Configure,
Extremely Secure, and Remotely Managed.
Check out our recently updated website at http://www.netxinc.com
***********************************************
Visit Jim Kenzig of thethin.net at the
Emergent Online Booth #26 at Citrix Iforum 2002!
Register now at:
http://www.citrixiforum.com/registerNow.html
***********************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBPbzGFfl56xfvzmMfEQLaMACgncfg+Mz1lDU1KBzzZYNPslCtmiQAoIfV
C5Rh8az0/ebr5F4itpbf96gJ
=Al34
-----END PGP SIGNATURE-----



-- No attachments (even text) are allowed --
-- Type: application/ms-tnef
-- File: winmail.dat


**********************************************
This weeks Sponsor NetX Inc Thin Client
NetX Develops XP and NT Embedded
Thin Client Solutions, Easy to Configure,
Extremely Secure, and Remotely Managed.
Check out our recently updated website at
http://www.netxinc.com
***********************************************
Visit Jim Kenzig of thethin.net at the
Emergent Online Booth #26 at Citrix Iforum 2002!
Register now at:
http://www.citrixiforum.com/registerNow.html
***********************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm


**********************************************
This weeks Sponsor NetX Inc Thin Client
NetX Develops XP and NT Embedded 
Thin Client Solutions, Easy to Configure, 
Extremely Secure, and Remotely Managed.
Check out our recently updated website at
http://www.netxinc.com
***********************************************
Visit Jim Kenzig of thethin.net at the
Emergent Online Booth #26 at Citrix Iforum 2002!
Register now at:
http://www.citrixiforum.com/registerNow.html
*********************************************** 
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link.

http://thethin.net/citrixlist.cfm

Other related posts: