How to limit interactive logins to specific computers ! It's seems like everyone in the root domain and trusted domain can access the client, I would like to restrict access for specific AD groups.
We have two domain A and B (trustesd), where we use domain B to retrieve the users to domain A.
The reason I will limit is because everyone in Domain B has access to the client, which should not be. This is because of accessibility control of applications and only a certain group can access, etc
The members Under the "Local Users and groups ->group - > Users" (Windows 7 and the server is 2003)
Domain Users`
NT authority\authenticated users (S-1-5-11)
NT authority\interactive (xxx)
It looks like , if i delete "NT authority\authenticated users (S-1-5-11)" then it's not possible to put it back, may this be right??
My question: If you delete the "NT authority\authenticated users (S-1-5-11)" and put an AD group (those who will have access) as a member. Will this cause any other issues?
Is there any other solution for this issue?
just ask if something is unclear. Thanks in advance