How To Use Active Directory’s Account Log On To Feature to Limit RDP Computer Access

I never used Active Directory’s Account Log On To feature to limit computer access for certain user accounts before. So when I had to do it the other day, I thought I can just simply put the computer name in the Log On To computer list for that user account and call it a day.

image 3 - How To Use Active Directory's Account Log On To Feature to Limit RDP Computer Access

Guess I was wrong. I kept getting this error message telling me that either the credential is wrong or something like below.

image 4 - How To Use Active Directory's Account Log On To Feature to Limit RDP Computer Access

So, what went wrong?

The problem is more in the wording. While it says “Log On To” and “Logon Workstations”, it actually means the computers from both ends. For example, if User-A needs to RDP in Computer-B from Computer-A. Both Computer-A and Computer-B’s names need to be in the Logon Workstations list. Missing either one will result in not being able to remote in.

Leave a Reply

Your email address will not be published.