Logon/Logoff Times

K

Kelly Armitage

I have a domain controller running Server 2003. There are several user
accounts specified with limited logon times. I accomplished through the user
properties/account tab in AD.

It works fine to prevent someone from logging in when not during the
acceptable times I have specified (from an XP SP2 machine), however it does
not boot them out when their logon time has expired. I have enable "force
shutdown when time expires" from multiple places, including group policy,
domain security policy and domain controller security policy yet it never
does boot the user off ..... only prevent them from logging in the first
place. Not much good if they can just stay connected beyond their permitted
times. Does anyone have any suggestions as to what I am missing? What else
I can try or check?

Thanks everyone :)
 
A

AaronK

You need to set the policy "force logoff when time expires"

Aaron

"Kelly Armitage" <KellyArmitage@discussions.microsoft.com> wrote in message
news:BE3DB424-EB5D-4B6D-8F26-A4B419170E71@microsoft.com...
>I have a domain controller running Server 2003. There are several user
> accounts specified with limited logon times. I accomplished through the
> user
> properties/account tab in AD.
>
> It works fine to prevent someone from logging in when not during the
> acceptable times I have specified (from an XP SP2 machine), however it
> does
> not boot them out when their logon time has expired. I have enable "force
> shutdown when time expires" from multiple places, including group policy,
> domain security policy and domain controller security policy yet it never
> does boot the user off ..... only prevent them from logging in the first
> place. Not much good if they can just stay connected beyond their
> permitted
> times. Does anyone have any suggestions as to what I am missing? What
> else
> I can try or check?
>
> Thanks everyone :)
 
K

Kelly Armitage

No, thanks for the input but that only cuts smb traffic (access to network
shares) it does not forcibly log off a user.

"AaronK" wrote:

> You need to set the policy "force logoff when time expires"
>
> Aaron
>
> "Kelly Armitage" <KellyArmitage@discussions.microsoft.com> wrote in message
> news:BE3DB424-EB5D-4B6D-8F26-A4B419170E71@microsoft.com...
> >I have a domain controller running Server 2003. There are several user
> > accounts specified with limited logon times. I accomplished through the
> > user
> > properties/account tab in AD.
> >
> > It works fine to prevent someone from logging in when not during the
> > acceptable times I have specified (from an XP SP2 machine), however it
> > does
> > not boot them out when their logon time has expired. I have enable "force
> > shutdown when time expires" from multiple places, including group policy,
> > domain security policy and domain controller security policy yet it never
> > does boot the user off ..... only prevent them from logging in the first
> > place. Not much good if they can just stay connected beyond their
> > permitted
> > times. Does anyone have any suggestions as to what I am missing? What
> > else
> > I can try or check?
> >
> > Thanks everyone :)
>
>
>
 
You must log in or register to reply here.

Similar threads

J
Active Directory - Protected Users cannot logon anymore with SamAccountName after forest and domain functional level update
Replies
0
Views
55
Jean-Mi Jac
J
U
NPS policy not matching unless domain admin
Replies
0
Views
44
UrbanizedJam
U
A
Trouble Playing Logon, Logoff, and Shutdown Sounds In Windows 10
Replies
0
Views
44
AnnabelleBaradine
A
A
Trouble Playing Logon, Logoff, and Shutdown Sounds In Windows 10
Replies
0
Views
37
AnnabelleBaradine
A
D
Missing GPO for LAPs
Replies
0
Views
51
dbnumberiv
D
Back
Top Bottom