How to prevent same ID/passwords across different machines?

[dm318]

This is a security related question. How can I prevent a user with identical ID and password on machine A to access resources on machine B? Refering to W2K across all service packs and hardware makes. Any idea anyone? Any scripts or registry tweaks? Thank you.

 

[kippy13]

Is the user logging onto a domain or networked environment?

"Sometimes I do not know but I try hard"- R.F. Haughty 1923

 

[dm318]

The ID and password is a local account. Not a domain account. The machines are members of a domain.

 

[kippy13]

If the user only has a local account on one machine how can they log onto another machine without an account on it?
Do the logons not authenticate to the domain?

"Sometimes I do not know but I try hard"- R.F. Haughty 1923

 

[dm318]

Perhaps I should have been clearer... Both machines A and B has identical local ID and passwords. So... the question is, how can we prevent one from accessing the other?

 

[kippy13]

Disable the account on one of the machines.
I dont think theres another way unless some network interactivity takes place.

"Sometimes I do not know but I try hard"- R.F. Haughty 1923

 

[bcastner]

On the machine with shares you want to protect, add to the local logon script:

C:\WINNT>net stop srv

It will return as messages:
The Server service is stopping.
The Server service was stopped successfully.

This stops all CIFS (SMB) sharing at that workstation.

 

[wolluf]

Remove the user id/password duplication? (either set up a new user id/password on machine B and remove the user id/password that's used on machine A from machine B - or just change its password on machine B).