Restricting domain list at login

Discussion in 'OT Technology' started by iamclarke, May 23, 2006.

  1. iamclarke

    iamclarke OT Supporter

    Joined:
    Sep 21, 2002
    Messages:
    153
    Likes Received:
    0
    Is there any way (group policy, registry?) to restrict what domains appear in the login screen? Right now there are 2 domains (one AD and one NT4) that you can log into, and I only want the AD one to show up on the list. Anyone know?
     
  2. 5Gen_Prelude

    5Gen_Prelude There might not be an "I" in the word "Team", but

    Joined:
    Mar 14, 2000
    Messages:
    14,519
    Likes Received:
    1
    Location:
    Vancouver, BC, CANADA
    You still want to enable the trust between the two domains?
     
  3. iamclarke

    iamclarke OT Supporter

    Joined:
    Sep 21, 2002
    Messages:
    153
    Likes Received:
    0
    Yes, the only thing I want to change is to be able to customize which users see what domains. I know there is a default domain option but I would like to remove the other domain from the list.
     
  4. chips

    chips ...

    Joined:
    May 2, 2004
    Messages:
    3,755
    Likes Received:
    0
    Location:
    Phoenix, AZ
    hum.. in for how to do it...
     
  5. P07r0457

    P07r0457 New Member

    Joined:
    Sep 20, 2004
    Messages:
    28,491
    Likes Received:
    0
    Location:
    Southern Oregon
    you can't... it's at the logon screen, so it's impossible to know what user will be there to logon, thus you can't limit the list.
     
  6. iamclarke

    iamclarke OT Supporter

    Joined:
    Sep 21, 2002
    Messages:
    153
    Likes Received:
    0
    okay that makes sense as far as users go. i was thinking maybe there was a way using GP linked to an OU containing computers to have the domains restricted or "locked". i couldn't find anything in GP so i guess not. thanks.
     
  7. chips

    chips ...

    Joined:
    May 2, 2004
    Messages:
    3,755
    Likes Received:
    0
    Location:
    Phoenix, AZ
    Why? ( i know its not in GP) but.. if you place the computer in the GP it would do it for the computer in question, would not effect the users
     
  8. EvilSS

    EvilSS New Member

    Joined:
    Jun 11, 2003
    Messages:
    5,104
    Likes Received:
    0
    Location:
    STL
  9. P07r0457

    P07r0457 New Member

    Joined:
    Sep 20, 2004
    Messages:
    28,491
    Likes Received:
    0
    Location:
    Southern Oregon
    Ugh:


    Scenario:

    User "1" is member of domain "A"
    User "2" is member of domain "B"


    The *ONLY* way to set this is a per-machine basis. You can NOT set it per-user because when the computer is logged off it has NO idea who will log on next. So how do you limit it? Can't.
     
  10. iamclarke

    iamclarke OT Supporter

    Joined:
    Sep 21, 2002
    Messages:
    153
    Likes Received:
    0
    Okay, well 99% of the computers I have I want only domain "A" to show up on. I know exactly which computers I want the remaining 1% to show the other (or both) domains on. I really don't care about a user-by-user basis actually...
     
  11. P07r0457

    P07r0457 New Member

    Joined:
    Sep 20, 2004
    Messages:
    28,491
    Likes Received:
    0
    Location:
    Southern Oregon
    if you don't care on a per-user basis, and care only on a per-machine basis then yes, it is possible.
     
  12. iamclarke

    iamclarke OT Supporter

    Joined:
    Sep 21, 2002
    Messages:
    153
    Likes Received:
    0
    Okay, cool. Do you know how to do it?
     
  13. chips

    chips ...

    Joined:
    May 2, 2004
    Messages:
    3,755
    Likes Received:
    0
    Location:
    Phoenix, AZ
    you can apply gp's to PC. where anyone that logs in will have the policy's enforced.


    Right?
     

Share This Page