hi,
I've an active directory on win2003 server. There are around 100 employees in my company. I have separate OUs for each Department and in each Department OU i've separate OUs for computers, groups and users.
All my domain computers are Windows XP with Service pack 2.
I've a problem.
Usually several users log into a single PC in our company and those same PCs have valuable data which should not accessed by other users. So other domain users should not log into that PC other than the allowed users. (only in some departments). Some departments have several PCs in such manner.
So the problem is that i cant add another OU for such PC and give a GPO restricting "deny logon locally" because i have to create 30 OUs if there are 30 PCs in my domain that several users login.
So is there a way that i can restrict specific Domain computer to be logged in by only allowed domain users and there are several PCs in each department. and i need to applyu the same rule to them accordingly.
It's like for a PC in finance department...
(Finance-PC-A) , only allowed users can login (USER-A,USER-B)
(Finance-PC-B) , only allowed users can login (USER-C,USER-D)
Thanx & Regards,
Tharaka
Bookmarks