none
Limit Users to log into selected 2012 server/servers

    Question

  • Hello, I have a small server farm. I would like to lock down users to only be able to log into a selected server. Users are remote, and at time in the office. Different users need to log into different servers. They also use multiple devices, so I can not match the device to the user. I have tried the "Log in to" option within AD but without the users computer information, this will not work.

    Any help would be great!!-Everett

     
    Tuesday, March 17, 2015 8:03 PM

Answers

  • Hi Everett,

    >>I have tried the "Log in to" option within AD but without the users computer information

    Before going further, what does it mean by "without the users computer information"?  

    >>I would like to lock down users to only be able to log into a selected server. Users are remote, and at time in the office. Different users need to log into different servers

    Here, I assume that we are taking about member servers and standard domain user accounts. According to me, Configuring Log on to... under Account tab in user accounts' Properties in ADUC should be a better method to achieve what we want here, despite that group policy settings Allow log on locally or Deny log on locally can allow or disallow users from logging onto computers. In addition, to allow users to log on remotely, we need to add the users to Remote Desktop Users group of the computers.

    Best regards,
    Frank Shen


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, March 18, 2015 8:14 AM
    Moderator