Archived from groups: microsoft.public.win2000.security (
More info?)
Try going into Local Security Policy and configure the user right to logon
locally to have just administrators and your domain account which may accomplish
what you want unless there is domain/OU policy configured which by default it is
not. --- Steve
"MAHA" <MAHA@discussions.microsoft.com> wrote in message
news:9225C4E5-DAB5-49CB-9C89-33232C8F8C6D@microsoft.com...
> Thanks Steven,
> My workstation is joined to doamin. I do have local admin rights. I want to
stop other domain user logon to domian (not log on locally) from my
workstation
> As you said Local Security Policy can be overridden by domain/OU policy
becasue of this i gues it is not possible.
>
> Pls let me know
> Thanks again steven
>
> "Steven L Umbach" wrote:
>
> > Hi Maha.
> >
> > Open the Local Security Policy - secpol.msc and go to security
settings/local
> > policies/user rights and configure the user right for logon locally to
contain what
> > users/groups that you need. There is also a deny logon locally user right
which
> > should be used with care as it will override the logon locally user right
for a user
> > or group and keep in mind that administrators are in the users and everyone
groups.
> > Local Security Policy can be overridden by domain/OU policy which would be
evidenced
> > by effective settings being different than local settings. --- Steve
> >
> >
> > "MAHA" <MAHA@discussions.microsoft.com> wrote in message
> > news:410D54E3-DD22-44A4-8360-48F1B3F05911@microsoft.com...
> > > In our network I wanted to configure on win2k professional workstation
such a way
> > only one specific domain user allow to login to domain.
> > >
> >
> >
> >