This doesn't work with the built-in Administrator account. I forgot to
mention that in my prior reply regarding having found out that this is the
account in question. If you try to specify workstations on the account tab
of the user object, you'll get a message saying it can't be done.
Laura
-----Original Message-----
From: Jitendra Kalyankar [mailto:jitendra.kalyankar@gmail.com]
Sent: Thursday, November 10, 2005 10:41 PM
To: focus-ms@securityfocus.com
Cc: Hindle, Dallas
Subject: Re: Deny Logon by Domain Admin account to specific
PC's or deny to all BUT specific PC's
Use the Logon Workstation criteria under user account. This
way the account can not be used to login from any other computers.
HTH,
Jitendra
On 11/10/05, Hindle, Dallas
<Dallas.Hindle@bakersdelight.com.au> wrote:
Hi all
I assumed this was easy but I must be missing something...
I have a domain admin Account that is used for Services, SQL
Processes, Scheduled Tasks and for automated logons for some
proprietary software... This account has had the password
leak out to
a 3rd party whom has decided to share it with other people
in the company.
As I'm sure you agree I need to get his account locked down ASAP, I
want to prevent logon to this account from any pc's other than the
ones I authorise, and I though this was a simple process, I
don't know
what I'm missing but if anyone has any suggestions it would
be much appreciated.
Thanks
Dallas
--
Message protected by MailGuard: e-mail anti-virus,
anti-spam and content filtering.
http://www.mailguard.com.au/mg
----------------------------------------------------------------------
-----
----------------------------------------------------------------------
-----
--
Thanks,
Jitendra Kalyankar
--------------------------------------------------------------
-------------
--------------------------------------------------------------
-------------
---------------------------------------------------------------------------
---------------------------------------------------------------------------
