Matt,
MS doesn't really have a way of removing the ability to view Domains
that are trusted (or part of a forest hierarchy) from domain member
workstations. At best . . You can do some smoke and mirrors on the login
process.
The closest thing I can think of on this one for you Matt is switching
to using UPN suffixes for your end user logins.
http://support.microsoft.com/?kbid=243629 - HOW TO: Add UPN Suffixes to
a Forest
http://support.microsoft.com/default.aspx?scid=kb;EN-US;243280 - Users
Can Log On Using User Name or User Principal Name
Essentially, you can tell end users to remember their e-mail address (or
some equiv) as their new user name. Once they successfully login w/ that
the domain list will only show up on logins if you select the "options"
tab. Otherwise, they should only be prompted for username and password.
NOTE - the UPN specified does not in anyway have to be associated w/
your DNS namespace or AD domains. As long as the UPN suffix is setup as
an alternate within AD domains and trusts, and the user account is set
to use it, it should work for domain logins.
Another option, would be to force the "defaultdomain" setting in the
registry for workstations. A reg change during boot up for workstations
can ensure that the default domain selected is the child domain.
In both of these options however, end users can still choose options
during login and "see" that there are multiple domains available even if
they can't authenticate to them successfully.
HTH
J
-----Original Message-----
From: windows2000-bounce@xxxxxxxxxxxxx
[mailto:windows2000-bounce@xxxxxxxxxxxxx] On Behalf Of Matt Fowler
Sent: Tuesday, July 20, 2004 12:15 PM
To: windows2000@xxxxxxxxxxxxx
Subject: [windows2000] domain list at login
Sending again, with clarification in hopes of a response...
Windows 2003 Active Directory with 2 domains. Added a workstation to the
"child" domain. When logging into the workstation with a domain account,
the login screen shows both the child and parent domains in the domain
list as possible domains to login to. Is there a way to just show the
"child"
domain and not the parent?
Thanks,
Matt Fowler
LAN Specialist
(847)925-6113
mfowler@xxxxxxxxxxxxxxxxx
********************************************************
This Weeks Sponsor StressedPuppy.com Games Feeling stressed out? Check
out our games to relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
********************************************************
This Weeks Sponsor StressedPuppy.com Games
Feeling stressed out? Check out our games to
relieve your stress.
http://www.StressedPuppy.com
********************************************************
To Unsubscribe, set digest or vacation
mode or view archives use the below link.
http://thethin.net/win2000list.cfm
