owoods Posted September 26, 2005 Posted September 26, 2005 HiIs it possible to remove the option to logon to the local machine from the logon screen? IE, all logons must be to the domain and if the DC is not available then that's tough luck.Furthermore, can I specify this in my answer file/reg updates?TIAOli
InTheWayBoy Posted September 26, 2005 Posted September 26, 2005 Well if you don't create any local users, and disable the local admin account, then there is nothing for them to log into.If you are doing a fresh install then you can add this to your *.sif:DisableAdminAccountOnDomainJoin=1Now I don't know if that will work unless you join the domain from within the *.sif, but it's a start. I think you can also disable the local admin through a Group Policy.
owoods Posted September 26, 2005 Author Posted September 26, 2005 Thanks for your response, but I want to physically remove the box from the logon screen. A lot of our users are not very computer orientated and I get lots of calls from users saying that they cannot logon - 99% of the time they are trying to logon locally with their domain account!See my problem?Ol
mattofak Posted September 26, 2005 Posted September 26, 2005 I know there is a way to set the perferred domain via the GPO, but I cannot remember where in that mess it is... I think there is also a way to disable the whole dern select domain box from somewhere in the registry...Hope the knowledge that something can be done helps, even though I cannot remember how to do it... srry
ringfinger Posted September 26, 2005 Posted September 26, 2005 I believe you can do this with the W2k resource kit with the ntrights.exe command combined with GPOs. M$ SiteSyntax
Recommended Posts
Please sign in to comment
You will be able to leave a comment after signing in
Sign In Now