Question

  • Creator
    Topic
  • #2225754

    AD account – limiting access to a single server

    Locked

    by gibit ·

    Hello,

    I need some help on this:
    I need to create an Active Directory account which must be able to login via vpn and access only one server (with administrator privileges on it).

    Limiting the login to one server via the “logon to” in the account tab is ok, but what i really need is to completely hide the rest of the network to this user, we’ve got many shares around i dont want him to see,
    can anybody help?

    thanks a lot,
    Gibit

All Answers

  • Author
    Replies
    • #2620021

      Clarifications

      by gibit ·

      In reply to AD account – limiting access to a single server

      Clarifications

    • #2611775

      feedback

      by gibit ·

      In reply to AD account – limiting access to a single server

      i’m giving myself some feedback on this issue…

      I ended with assigning the user to the local administrators group on the server he needs to access, and appling a gpo to every other machine in the domain with the “deny access to this computer from the network” policy for that user.

      As far as i tried it seems to work, but i’m still a little bit worried about system shares, since the policy applies to the dc’s as well.

      Gibit

Viewing 1 reply thread