General discussion

Locked

NT Security and Logon Process

By anomalygold ·
I am trying to understand the NT Logon proces better. I have set of systems (NT4 Server with NT4 workstations) configured by another group that allows a user to log onto the domain and into the workstation with a single logon. The user has a specific network logon id and is being logged into the workstation as administrator. The passwords for the network login and administrator login are different. The workgroup administrator does not want the user to be able to logon automatically as administrator for the workstation. I did not think NT would allow a single logon in this type of case. I need troubleshooting and configuration ideas to ensure that users only can logon to their accounts. Help please.

This conversation is currently closed to new comments.

7 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Comments

Collapse -

NT Security and Logon Process

by yorkster In reply to NT Security and Logon Pro ...

by default domain admins are given permission to local admin on workstations when the workstation joins the domain, check the local group administrators and remove domain admins from the group, this will tighten up security on the local workstation,but you better remember the local admin password or you will have a problem.

Collapse -

NT Security and Logon Process

by anomalygold In reply to NT Security and Logon Pro ...

gary, domain admins is not in the local administrators group I checked for this. Thanks

Collapse -

NT Security and Logon Process

by wburrows In reply to NT Security and Logon Pro ...

From what you described the group that setup the workstations added the user domain accounts to the local adminstrators group. This allows the user to log in with the domain account but be an administrator on the local machine. To take away local administrative priviledges from users, log into the workstation as an administrator - run user manager - from the menu select 'User-Select Domain' and enter the workstation name. This opens up the local account database. Open up the administrator group and remove the domain accounts for the users. Log out of the workstation. Now when the users log into the workstation with their domain accounts they are no longer local adminstrators.

Collapse -

NT Security and Logon Process

by anomalygold In reply to NT Security and Logon Pro ...

Poster rated this answer

Collapse -

NT Security and Logon Process

by Bill Cassada In reply to NT Security and Logon Pro ...

Your description states the user is logging in AS the administrator. If this is true that is your problem...simply setup a domain user account on the PDC and then change the password on the local workstation account. The user can then logon to theworkstation AND the domain (provided the workstation is part of the domain) with one logon however he won't be able to administer the workstation. If I've got it wrong let me know....happy to help.

Collapse -

NT Security and Logon Process

by anomalygold In reply to NT Security and Logon Pro ...

Poster rated this answer

Collapse -

NT Security and Logon Process

by anomalygold In reply to NT Security and Logon Pro ...

This question was closed by the author

Back to Windows Forum
7 total posts (Page 1 of 1)  

Operating Systems Forums