Microsoft KB Archive/292536

= HOW TO: Restrict Users from Gaining Access to a Domain Controller by Using Telnet =

Article ID: 292536

Article Last Modified on 10/31/2006

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server

-



This article was previously published under Q292536





IN THIS TASK
SUMMARY
 * Create a Global Security Group

REFERENCES



SUMMARY
This article explains how to restrict users from gaining access to a Windows 2000-based domain controller when they use the Telnet service.

back to the top

Create a Global Security Group
To restrict users from gaining access to a Windows 2000-based domain controller when they use the Telnet service, create a global security group, and then add the users that you want to have access to the Windows 2000-based computer by using the Telnet service. To do so:
 * 1) In Control Panel, double-click Administrative Tools, and then double-click Active Directory Users and Computers.
 * 2) Click the Users container.
 * 3) Click Action, click New, and then click Group.
 * 4) In the Group Name box, type TelnetClients.
 * 5) In the Description box, type a description of the group.
 * 6) Confirm that Global is entered in the Group Scope box, and then confirm that Security is entered in the Group Type box.
 * 7) Click OK, and then add the users who you want to have Telnet access to the domain controllers to the global security group that you just created.

NOTE: When there is a TelnetClients group, only users who are members of this group have Telnet access to the domain controllers in the domain, unless those users are administrators of the domain. Members of the Administrators group always have access by using Telnet even if they are not members of the TelnetClients group.

back to the top

