deny login to member servers

Discussion in 'Server Security' started by Mr. Backup, Apr 11, 2006.

  1. Mr. Backup

    Mr. Backup Guest

    I have a few member server in my domain that staff whom are not are not in
    any management group have logged into. I know the default security on
    server 2003 is to deny access to anyone whom are in select admin groups. I
    would like to apply this same policy to all member server machines.
     
    Mr. Backup, Apr 11, 2006
    #1
    1. Advertisements

  2. Non domain controllers do not restrict logon locally access to any domain
    users. What you want to do is to configure the user right to logon locally
    to contain only the users/groups that you want to logon to the servers. This
    can be done in Local Security Policy possibly or via the domain level Group
    Policy used to enforce that user right. You could for instance put all
    member servers in an OU with a Group Policy linked to that OU that has that
    user right configured. Such an OU could be a child of an existing OU if you
    want to keep other existing GP settings. --- Steve
     
    Steven L Umbach, Apr 11, 2006
    #2
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.