NT4.0 domain... is this possible... - Windows NT

This is a discussion on NT4.0 domain... is this possible... - Windows NT ; Hi, I have a Windows NT4.0 SP6 domain with mixed NT, 2K, and XP clients is it possible for me to do all of the below... o Have Clients that can only log on to the domain (no local logon) ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: NT4.0 domain... is this possible...

  1. NT4.0 domain... is this possible...

    Hi,

    I have a Windows NT4.0 SP6 domain with mixed NT, 2K, and XP
    clients is it possible for me to do all of the below...

    o Have Clients that can only log on to the domain (no local logon)

    o All users have full Administrator access to their own machine
    but only whatever rights I assign them when it comes to the domain.

    o No roaming profiles, we don't hot seat and every user has there
    own machine so there is no need for this. Only local accounts are
    wanted but with domain privalages.

    o No side effect when laptop users are out of the office (i.e "domain
    server can't be reached, blah blab blah..."

    Can I have all of this? or do I need to unify server and workstation
    OS's? and if I do... what to?

    Cheers,
    Dave.


  2. Re: NT4.0 domain... is this possible...

    >I have a Windows NT4.0 SP6 domain with mixed NT, 2K, and XP
    >clients is it possible for me to do all of the below...


    All are quite possible. Sort of.

    > o Have Clients that can only log on to the domain (no local logon)


    This one is problematic, and probably not exactly what you want, but
    you can simply remove local accounts in the workstations and use a
    policy to require authentication to the domain account.

    > o All users have full Administrator access to their own machine
    > but only whatever rights I assign them when it comes to the domain.


    Make the Domain Users account a member of the local admin group on all
    the workstations. Done. But it *does* negate the first one, soince
    they can now change their local access.

    > o No roaming profiles, we don't hot seat and every user has there
    > own machine so there is no need for this. Only local accounts are
    > wanted but with domain privalages.


    Just don't use roaming rpofiles. No biggie here.

    > o No side effect when laptop users are out of the office (i.e "domain
    > server can't be reached, blah blab blah..."


    Best is to use a hardware profile on the laptop, one for "On Network"
    and one for "Off Network", and not using the NIC in the off network
    profile. If they need access to multiple networks this won't work.
    Also, off the network they'll need local accounts, thus again negating
    your first item.

    >Can I have all of this? or do I need to unify server and workstation
    >OS's? and if I do... what to?


    Work them through one at a time on a test system or systems. Then
    roll it out.

    Jeff

+ Reply to Thread