Question about Computers & Internet
Good morning Dear,
Thanks for attempting my problems. I think I had not made my point clear.
I am working for the company where there are 41 computers connected in a network
Server (Windows server Standard 2003 R2 English installed)
Client (XP installed)
I want to stop misused of client machine after working hours. For which I have followed the following process.
I have created 40 different users and are restricted for specific IP address so that only single user can login onto that particular machine. Password used while logging onto Domain for all 40 users are the same and known by everybody while password used for logging onto that machine is different and known by me only.
My server is ON only for working hours (9.00am to 7.00pm) and rest of the time it is off.
Also the client machine gets logoff automatically after 7.00pm if they are ON this setting is done on the server (I have restricted the time and Sunday i.e. logging is possible on Monday to Saturday from 9.00am to 7.00pm). Now I want to stop the client starting their machine after working hours when server is off.
Now if server / network switch is off or network wire is removed from that client machine then that machine can login to domain using user name and password given for then.
I want to have settings on client machine so that client machine is not able to login to domain when server / network is off.
I hope I have made my statement clear
Pls help waiting for the reply
Thanks for the background info, this makes it easier for me to see what you need.
You need to disable your guest account if you havnt already done so.
The user is logging on with a cached version of the logon information, this is useful for when the server goes down but not in your case as you need to prevent this.
Another worrying aspect is that you allow all your users to log on using the same password. Very bad from a security aspect anyhow. It is better to change at least every 30 days. If they moan they will get used to it soon enough.
Go into group policy again and computer configuration>windows settings>security settings>local policies>security options and look for interactive logon:number of previous logons to cache - set this to 0. If the domain controller is not available and the logon info is not cached they cannot logon to domain.
Group policy can be overruled at the client end if they have admin priviledges so you may have to set this on the client pc also. But you need to test to see if it is required there. I have not used that particular policy but it should be ok just on the server. Your users dont have admin rights do they? Anyway good luck. You can set this by applying it to an OU or domain wide but if you want to target just this one pc then maybe if you put it in its own ou and apply it just there.
You need to create new policies rather than modifying the domain one and keep each policy for specific purposes so that applying them to ou's is easier, ie internet options policy, firewall policy, working hours policy etc.
Posted on Mar 27, 2008
a 6ya expert can help you resolve that issue over the phone in a minute or two.
best thing about this new service is that you are never placed on hold and get to talk to real repairmen in the US.
the service is completely free and covers almost anything you can think of (from cars to computers, handyman, and even drones).
click here to download the app (for users in the US for now) and get all the help you need.
Posted on Jan 02, 2017
Tips for a great answer:
Jun 09, 2014 | Dell PowerEdge 1800 Server
Nov 21, 2012 | IBM xSeries Computers & Internet
Jul 31, 2012 | IBM xSeries 346 Server
Jan 01, 2012 | Dell PowerEdge 2950 (becwfk1_6) Server
Nov 28, 2009 | 2003 Jaguar XJ-Series
Oct 11, 2009 | Toshiba Satellite 2400-S251 Notebook
Jul 08, 2009 | Microsoft Outlook Express
Mar 24, 2008 | Microsoft Windows Server Standard 2003 for...
Feb 05, 2008 | Microsoft Windows XP Home Edition
366 people viewed this question
Usually answered in minutes!