Share via

How to Disable Single User Concurrent Logon

Anonymous
2024-05-30T14:20:03+00:00

Good evening,

I have conducted extensive research but have not found a satisfactory answer. I want to configure Active Directory so that when a domain user logs into a workstation on the Domain with their account, they cannot use the same account to log into another workstation in the company. If they attempt to do so, they should be either logged off from the first workstation or prevented from logging into the second workstation.

I found a solution that involves creating a shared file where each time a user logs in, a flag is created. If they attempt to log in elsewhere and try to write to the same file, they are prevented from doing so because there is already an entry. I don't like this solution as it is not very secure.

Is there another way more secure to implement this without using third party tools?

Thank you in advance.

Windows for business | Windows Server | Directory services | Active Directory

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2024-05-30T14:38:32+00:00

    Hello Alexandros Stratakos,

    Thank you for posting in Microsoft Community forum.

    Based on my knowledge, there is a similar way below you can try.

    There is a more secure way to implement this without using third-party tools. You can achieve this by configuring the "Logon Workstations" attribute in the user's Active Directory account properties.

    To do this, you can follow these steps:

    1. Open Active Directory Users and Computers.
    2. Find the user account you want to restrict to specific workstations.
    3. Right-click the user account and select "Properties."
    4. Click the "Account" tab.
    5. In the "Logon Workstations" section, select "The following computers" option.
    6. Enter the names of the workstations that the user is allowed to log in to, separated by commas.
    7. Click "OK" to save the changes.

    Once you have configured this attribute, the user will only be able to log in to the workstations that you have specified. If they try to log in to another workstation, they will receive an error message stating that they are not authorized to log in to that computer.

    I hope the information above is helpful.

    If you have any question or concern, please feel free to let us know.

    Best Regards,

    Daisy Zhou

    0 comments
  2. Anonymous
    2024-05-30T14:42:56+00:00

    Hello Daisy Zhou123,

    Thank you for the quick response.

    I have found this method during my research but that is not what I want to implement. I don't want to restrict access to the users to certain computers. I want all users to be able to log in to all workstations but not to two workstations concurrently.

    0 comments
  3. Anonymous
    2024-05-31T07:32:50+00:00

    Hello Alexandros Stratakos,

    Good day!

    I'm sorry, but as far as I know, I don't know of a setup or method that would implement your needs.

    Thank you for your understanding and support.

    Best Regards,
    Daisy Zhou

    0 comments