How to Bypass the 8-Workstation Logon Limit

Summary

When you enable the "User may log on to these workstations" option in a user account's Logon Workstations dialog box, you can specify up to 8 computer names in the associated list. This article describes how to bypass the 8-computer limit for specific users and computers.

More Information

To bypass the 8-computer limit for specific users and computers:


  1. Create a file on the Netlogon share called "<username>.<computername>" for each authorized user and computer account combination. You can do this by right-clicking an empty spot in the right pane in Windows Explorer, pointing to New, clicking Text Document, typing the user name, a period, and the computer name, and then pressing ENTER. The file does not have to contain any data.
  2. Edit the domain login script and add the following line at the beginning:

             if exist %LogonServer%\Netlogon\%UserName%.%ComputerName% goto OK
    REM use LOGOFF.EXE or SHUTDOWN.EXE here from Resource Kit
  3. Add the following line to the domain login script at the point where the script should continue execution after having verified the existence of the user name/computer name file:

          :OK

    When the login script runs, it verifies the existence of a file on the Netlogon share, substituting the current user and computer name for the variables. Once this is complete, the script transfers execution to the OK label designated after the GOTO command. You can place script commands between these two lines to handle users logging in from computers for which they have not been authorized.
  4. Save the domain login script and then quit the editor.

References

For further information, see the following article in the Microsoft Knowledge Base:


158388 Useful Resource Kit Utilities for Domain Administrators
Propiedades

Id. de artículo: 194740 - Última revisión: 10/31/2006 - Revisión: 1

Comentarios