Windows 2000 Active Directory customizer

Active Directory
Application security
Desktop management applications
Disaster Recovery
Incident response
Instant Messaging
Intrusion management
Microsoft Exchange
Microsoft Windows
Network applications management
Network management software
Network monitoring
Network security
Networking services
Novell NDS
Risk management
Secure Coding
Security Program Management
I am working on a Windows 2000 Active Directory and am trying to achieve the following: 1. Users are not allowed to logon to more than 1 PC 2. The PCs must autoshutdown after some idle time, even during logoff 3. Keep track of each user's login duration 4. All logon accounts should be disabled on default, but activated by some other device (e.g. fingerprint reader) Any ideas or suggestions on 1/more of the above will be much appreciated.

Answer Wiki

Thanks. We'll let you know when a new response is added.

Well for the first one: Active directory user accounts properties can allow you to specify which computers a user can log into.

As far as keeping track of login duration , you can audit logon and logoff events for each user so you can see when they logon and logoff.

For the autoshutdown, you might need to write your own script which needs to run in the background, but I am sure if you search online you can come across a program which does what you need.

With the use of fingerprint authentication, the software which comes with it should allow you to make sure that user uses the fingerprint reader first and then is allowed to login.

Hope this helps


Discuss This Question: 1  Reply

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • RoniPerkins
    #1. I don't know of a way to restrict users to one simulataneous connection (which can be done in Novell). You can restrict users to using a particular PC which consequently can result in only login...but restricts the user to only using 1 computer. This setting is in the User Account Properties. #2. Having the PCs autoshutdown when idle. You may be able to set up "Power Options" through Control Panel to obtain the desired results. #3 There are 2 types of settings that Audit logons: (a) Domain Account Logons (create a GPO link it to the Domain Controllers OU - Audit "Account Logon")and (b) Local Computer Account Logons (link GPO to the Domain or to an custom OU that you've created that contain Computer objects - Audit "Logon Events"). #4 Accounts activated via "some other device." Create a GPO/Security Policy for "Interactive Logons. Hope this helps. - Roni
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: