There is CCONNECT from MSFT but requires SQL.
Then from JSIINC there is:
http://www.jsiinc.com/SUBR/tip8700/rh8768.htm
Which is a login script using PsShutdown.exe and PsLoggedOn.exe from
Sysinternals www.sysinternals.com
Both are free... Cheers!
____________________________________________
Dave Kleiman, CIFI, CISM, CISSP, ISSMP, MCSE
www.SecurityBreachResponse.com
-----Original Message-----
From: Martin Mewes [mailto:mm@mewes.tv]
Sent: Friday, January 28, 2005 02:14
To: focus-ms@securityfocus.com
Subject: Re: Preventing multiple logins in 2003
Hi Ian,
Ian Turnbull <ian.turnbull@mpsgi.com> wrote :
It has been noted that some of our user base are allowing other
members of staff to login using their user account. We are currently
in the process of moving to a fully functional 2003 domain and I would
like to disable concurrent logons via group policy. Any suggestions?
We had the same problem here and did not come to any conclusions.
For now we have written a little logon script which writes a lock into the
$home of the user like this ...
:test
if not exist \\path\logged.in goto login logout.exe
:login
echo lock > \\path\logged.in
...
... together with a logout script which deletes the lock. Anyway from time to
time we run into trouble if a users machine has a blue screen or something so
tha admin has to delete the lock manually.
We thought about locking the user to a collection of single machine (which is
possible since NT4) but not sure if this really helps.
bis dahin/kind regards
Martin Mewes
---------------------------------------------------------------------------
---------------------------------------------------------------------------
