Restricting user accounts - temporarily

By Sulphy
in Smart Home, Network & Security

 Share

Recommended Posts

Grand Master

Sulphy

Posted
Posted

Hey guys,

So i have an odd question. This is to affect thousands of accounts, so it should be easy to unpick. 

 

In a nutshell, I need to come up with a viable solution to lock down user accounts to only a couple of dedicated systems and web sites. ie email etc.

The users come in over VPN, and usually have loads of memberships in AD. I assume, that the user policies apply after the VPN has authenticated the user - am getting verification on that piece.

 

My thinking, was to inject an attribute to the AD accounts affected, and using MIM, find that attribute, and move the user to a new OU, that has disabled inheritance, with a unique policy applied that locks down certain apps from running, only allow a subset or URL's they can run, disable all network shares access etc.

 

Do you think this would work? 

 

OR

 

Does anyone maybe have a simpler process i can look into. Again, this is temporary, and need to be able to undo it easily.... we are talking around 22,000 accounts.

 

Appreciate any thoughts / ideas.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.

  • Posts

    • You will soon have fewer reasons to open Control Panel in Windows 11

      By tboggs13 · Posted

      99% of Control Panel will be moved to Settings. Then by 2050, 20% of settings will have been moved to the Configuration Menu. I have no issues with Settings as it exists now in Windows 11. Bring everything over and be done with it.
    • Elon Musk once again claims Tesla robotaxis are coming soon

      By olavinto · Posted

      We collect the few carcasses we get (as long as drivers report them, as they should) and while we have our fair share, we don't have nearly enough crashes with deer "to paint the roads with deer carcasses" in Finland. Also, if you can't handle the risks, DO NOT DRIVE. I really don't want everything to be so simple and stupid, that I don't have to worry about my surroundings (I also hate Apple devices because they kind of decide everything for you and offer very little customization vs. Android). Most people probably encounter much higher risks and dangers in their daily jobs than they encounter on roads. Just a few weeks ago I twisted my anckle at work while walking and I haven't had even a near miss with an animal in traffic for many years despite driving something like 27000+ km/year (there were a couple of off years in there too) and seeing many deer, a few moose and many smaller creatures on the road. I find it extremely rare to have deer stumble directly in front of me - it happens, but in my opinion not nearly enough to warrant considering it super dangerous (I actually find it exhilarating when it does happen as it changes the daily commute and it actually requires me to stay focused). It is probably more common to have some idiot with their face glued to their phone wonder in front of you or a kid on an electric scooter disregard all traffic rules. Here in the Nordics we also have plenty of snow and that kind of f's up anything that relies on lines or other clear lane indicators. The one time I have (kind of) started raging while driving was when I had a loan car from service and it had lane guidance. That freaking thing basically felt like it wanted to hit every pothole and bump it could and I really, really freaking hated it (came close to ripping the whole steering wheel of, I tell you . Didn't feel safer at all, quite the contrary, and it distracted me from the road more than anything else I've driven before, constantly fighting that f'ing thing to go where I wanted it to go (no clear lines, a crack in the pavement, etc. and it became confused as hell and required more adjusting than any traditional car). Also noteworthy that globally the amount of people with driver's licenses is pretty low (like under 20 %), many countries have great public transport systems and many walk and cycle (even during the winter).
    • Windows 11 Snipping Tool gets a useful new screen recording feature

      By tboggs13 · Posted

      The snipping tool has come a long way. Every feature they add reduces the need for third-party utilities; in the past it seemed MS shied away from adding features to some in-box tools just so there would be a more robust third-party developer base. Now that we finally have boxes, circles and arrows, can they finally add text bubbles?
    • New leak shows the design of the upcoming Nothing Headphone (1)

      By tboggs13 · Posted

      Makes me think of cassette tapes.
    • Review: Luxsin X9, a new entry into the world of high-end DAC and headphones amplification

      By Robbie Khan · Posted

      It's a custom built linear internal power supply which is isolated from the mainboard, it is very clean. External switching PSUs can be noisy and send that noise to the components. Linear external power supplies are expensive for good ones and are rare to see included with a device hence why they are sold optionally.

  • Recent Achievements

    • Week One Done
      BlakeBringer earned a badge
      Week One Done
    • Week One Done
      Helen Shafer earned a badge
      Week One Done
    • First Post
      emptyother earned a badge
      First Post
    • Week One Done
      Crunchy6 earned a badge
      Week One Done
    • One Month Later
      KynanSEIT earned a badge
      One Month Later

  • Popular Contributors

    1. 1
      +primortal
      660
    2. 2
      ATLien_0
      266
    3. 3
      Michael Scrip
      235
    4. 4
      Steven P.
      164
    5. 5
      +FloatingFatMan
      153
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!