Marcus Hall

User Tools

Site Tools

Trace: tiddlywiki presentations ipv6 bittorrentsync virus drupal unigraphics networkmonitor ipam backupexec
software:microsoft:windows:activedirectory

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
software:microsoft:windows:activedirectory [2022/04/06 03:59] – [Computer login] superwizardsoftware:microsoft:windows:activedirectory [2024/03/02 22:28] (current) – [Viewing the active Directory with ADSIEDIT.MSC] superwizard
Line 2: Line 2:
  
 -------------------------------------------------------------------------------------------------------------------------------------------------\\ -------------------------------------------------------------------------------------------------------------------------------------------------\\
 +
 +====== Configure Microsoft Entra hybrid join ======
 +
 +<WRAP center round box >
 +Bringing your devices to Microsoft Entra ID maximizes user productivity through single sign-on (SSO) across your cloud and on-premises resources. You can secure access to your resources with Conditional Access at the same time.
 +
 +https://learn.microsoft.com/en-us/entra/identity/devices/how-to-hybrid-join
 +
 +</WRAP>
 +
  
 ====== Viewing the active Directory with ADSIEDIT.MSC ====== ====== Viewing the active Directory with ADSIEDIT.MSC ======
Line 88: Line 98:
 A better way would be to do it in the security policy (secpol.msc) A better way would be to do it in the security policy (secpol.msc)
  
-Security Settings > Local Policies > User Rights Assignments > Allow log on locally. Remove the "Users" group from this policy and add those users you want to allow to log on.+Security Settings > Local Policies > User Rights Assignments > **Allow log on locally**.\\  
 +Remove the "Users" group from this policy and\\  
 +add those users you want to allow to log on.
  
 From: https://community.spiceworks.com/topic/199167-active-directory-2008-r2-control-user-login-to-computer From: https://community.spiceworks.com/topic/199167-active-directory-2008-r2-control-user-login-to-computer
Line 94: Line 106:
 ChristopherO ChristopherO
 Mace Mace
-ChristopherO Feb 15, 2012 at 6:54 AM  +ChristopherO Feb 15, 2012 at 6:54 AM \\  
-You could certainly do this in 2003. //    +You could certainly do this in 2003.\\  
-If you want to be granular, you will need to update the Users group on each computer - remove Domain Users and add in the specific accounts/groups that can log into that computer.  If it's going to be the same for a large number of computers (ie, users in the Sales group can log into any computer in the Sales department) you can use Restricted Groups in Group Policy - just remember, with Restricted Groups it will remove ALL other users/groups from that local computer group and ONLY allow in what you set in the policy.+If you want to be granular, you will need to update the Users group on each computer\\  
 +- remove Domain Users and add in the specific accounts/groups that can log into that computer.\\  
 +If it's going to be the same for a large number of computers (ie, users in the Sales group can log into any computer in the Sales department) you can use Restricted Groups in Group Policy - just remember, with Restricted Groups it will remove ALL other users/groups from that local computer group and ONLY allow in what you set in the policy.
  
 From: https://community.spiceworks.com/topic/338040-how-to-stop-domain-users-from-logging-into-my-pc From: https://community.spiceworks.com/topic/338040-how-to-stop-domain-users-from-logging-into-my-pc
software/microsoft/windows/activedirectory.1649217595.txt.gz · Last modified: by superwizard