Thread-topic: Restricting Active Directory Logins To a Group of Computers
User-agent: Microsoft-Entourage/11.2.0.050811
Justin,
> Try putting the AD users in the OD group that is tied to a machine list.
> Do this using WGM on a machine bound to both OD and AD. Get 2 windows open
> showing each directory (use File > View Directory) - drag the AD users into
> the OD group.
This is actually the method that I've been trying to do. I can add the AD
user to the OD groups, but even when I restrict the OD groups from logging
into groups of OD machines, it allows them to log in.
I believe that since the computers are set to allow authentication from
both AD and OD, the AD authentication works no matter what. If I remove the
authentication from AD on the client machines, then no AD user can log in no
matter what, regardless of what OD group they are a member of.
Don't know if this will make this any more relevant, but both the client and
server machines are running the latest version of Tiger.
Thanks,
Dave
This message is the property of R/GA and contains information which may be privileged or confidential. It is meant only for the intended recipients and/or their authorized agents. If you believe you have received this message in error, please notify us immediately by return e-mail or by forwarding this message to email@hidden, and destroy any printed or electronic copies of the message. Any unauthorized use, dissemination, disclosure, or copying of this message or the information contained in it, is strictly prohibited and may be unlawful. Thank you.
This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to whom they are addressed. If you have received this email in error please notify the system manager. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this e-mail.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Client-management mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/client-management/email@hidden
This email sent to email@hidden
