Forums

Resolved
0 votes
Hello,

I have a bit of a strange question.
I have installed a clearos server and i will use this server as a domain controller, but it is also used as a radius server.

Radius is used to validate people if they have access to the wifi network. I creatd a groep WL_client and users that are in this groep can use the Radius server.
I tested this and it works perfect.

But if i creat a user in the GUI and add them to the groep wl_client they can also login to ever windows PC that is joined to the domain.
Is there a way to prevent users form login in to a windows PC but if they are in the groep wl_clients the can access te wifi network.

I have been looking treu the forum but could not find a question like this.
Thursday, August 25 2016, 09:25 PM
Share this post:
Responses (1)
  • Accepted Answer

    Thursday, August 25 2016, 11:57 PM - #Permalink
    Resolved
    0 votes
    Hi Frans.....

    I think you can do this by adding the user or group you don't wish to have access to the "Deny log on locally" policy within the Local Security Policy for the PC.

    Logon to the PC using a Domain admin account - go to - "Control Panel" > "Administrative Tools" > "Local Security Policy" > Expand "Local Policy" > Click on "User Rights Assignment" then in the right hand pane locate and open "Deny log on locally" > Click "Add User or Group" and type in the name of the user or even entire group you wish to deny access.

    Hope this helps.

    Cheers......... Andy
    The reply is currently minimized Show
Your Reply