Security Basics mailing list archives
Re: Security products to lock a user out of their computer
From: "Gaddis, Jeremy L." <jeremy () linuxwiz net>
Date: Thu, 06 Oct 2005 18:45:48 -0500
JGrimshaw () ASAP com wrote:
I am looking for information on any security product that could lock a user out of their computer--such as a remote user with a laptop, that has been terminated.Does anyone know of such a product?
Without more information, I'll assume Microsoft Windows 2000/XP on the laptop with the laptop in a domain environment...
With the laptop joined as a member of the domain, group policy can be set so that the laptop will not cache user credentials on the laptop itself. This forces the laptop to authenticate a user's credentials directly against a comain controller each time a user logs in. It is also necessary, however, to force (via group policy) the laptop to request a password when coming out of suspend/hibernation and to also verify that against a domain controller.
This requires that the laptop have access to a domain controller when authentication, however. This may not be feasible if the user is working in remote locations without a connection into the network.
Without having the necessary connection, however, one must ask: how can the laptop know that the user has been terminated?
HTH, -j -- Jeremy L. Gaddis <jeremy () linuxwiz net> Senior Systems Engineer LinuxWiz Consulting
Current thread:
- Security products to lock a user out of their computer JGrimshaw (Oct 06)
- Re: Security products to lock a user out of their computer Gaddis, Jeremy L. (Oct 07)
- Re: Security products to lock a user out of their computer Adam Jones (Oct 11)
- <Possible follow-ups>
- RE: Security products to lock a user out of their computer David Kinder (Oct 11)
- RPC over HTTP Jair (Oct 11)
- RE: Security products to lock a user out of their computer Kenton Smith (Oct 11)
- RE: Security products to lock a user out of their computer Dennis Distler (Oct 11)