Hi all,
I just faced a scenario where i had to lock out a certain user from various core folders in a windows 2000 AD network on short notice.
Now i suppose the easy way would to have a lockout group prepaired earlier which has been added to the access control lists of the relevant folders with deny ticked in all the boxes. Then you just add the user to this group and next time they log in they will be denied access to the folders.
The problem with that is you have to log the user out and they have to log back in before the changes will take effect.
Does anyone know of a way to do this that will take effect immediately, without logging out the user??
The way i ended up doing it was to fevorishly go through each folder and deny the username. But i figure there had to be a better way.
Thanks for any help.
--cb
I just faced a scenario where i had to lock out a certain user from various core folders in a windows 2000 AD network on short notice.
Now i suppose the easy way would to have a lockout group prepaired earlier which has been added to the access control lists of the relevant folders with deny ticked in all the boxes. Then you just add the user to this group and next time they log in they will be denied access to the folders.
The problem with that is you have to log the user out and they have to log back in before the changes will take effect.
Does anyone know of a way to do this that will take effect immediately, without logging out the user??
The way i ended up doing it was to fevorishly go through each folder and deny the username. But i figure there had to be a better way.
Thanks for any help.
--cb
