WINDOWS SERVER 2003 R2
Hi I work for a tertiary education institution. We have more than 1500 students who login to our domain daily, in our computer laboratories. The server runs Windows Server 2003 R2 64 bit OS. My question is: How can I limit the number of times that a student can login to the domain at the same time i.e. the student should not be able to login on one PC and then login at the same time on another PC without first logging off the first PC? Thanks in advance.
August 31st, 2010 12:28pm

I think http://support.microsoft.com/?kbid=237282 is the best solution available. However, you can always implemnt such thing using some custom login script. http://support.microsoft.com/kb/260364/en-us describes one of many options MCP/MCSA/MCTS/MCITP
Free Windows Admin Tool Kit Click here and download it now
August 31st, 2010 12:47pm

Hi Night, Thanks for post here. Yes. Limit Login utility and CConnect.exe is a good solution to restrict concurrent connections for domain account. Please also take look the link below: Limit Login Attempts With LimitLogin http://technet.microsoft.com/en-us/magazine/2005.05.utilityspotlight.aspx Thanks. Tiger Li Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
September 1st, 2010 6:02am

I do not see the advantage of this commercial tool over the Microsoft provided functionality...MCP/MCSA/MCTS/MCITP
Free Windows Admin Tool Kit Click here and download it now
December 25th, 2011 6:41am

@SenneVL In this case, Microsoft provides NO functionality ... LimitLogin has not been developed by Microsoft, is an unsupported utility, and is especially cumbersome to set up and use: - it performs an irreversible Active Directory Schema modification (!), - it creates a new partition in Active Directory, - it also requires configuring a Web server with the .NET Framework and ASP.NET and setting it up to perform delegated Kerberos authentication, - it requires distributing client packages that support communicating with the Web server via SOAP, - it is not compatible with Windows Server 2008 and Windows Server 2008 R2. François Amigorena President & CEO IS Decisions (Security Software) http://www.isdecisions.com
December 25th, 2011 7:09am

You should give a look to UserLock (fully compatible with Windows Server 2008, including R2 and Windows 7), that allows IT security teams to: - prevent or limit simultaneous logon (same ID, same password), per user, user group or Organizational Unit - record all session logging and locking events in an ODBC database (Access, SQL Server, Oracle, MySQL,…) for future reference - monitor user sessions in realtime (who is connected, from which workstation(s), for how long…) - remotely lock, logoff and reset all interactive sessions - define working hours and/or maximum session time for protected users and disconnect users with prior warning outside of the defined timeframe(s) and/or when time is up - restrict user group’s network access per workstation or IP range - notify all users prior to gaining access to a system with a tailor-made warning message (legal disclaimer, etc.) - … As you work for an academic organization, you might want to read this whitepaper titled "Secure and Optimize a free access Windows network" for further information.Franois Amigorena President & CEO IS Decisions (Security Software) http://www.isdecisions.com
Free Windows Admin Tool Kit Click here and download it now
December 26th, 2011 5:06am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics