At my organization we have restricted workstation logon rights to only the user's personal workstation for security reasons. We recently installed a linux web server that uses LDAP to authenticate with Active Directory. The only way this works correctly is if the users have log on to rights to the domain controller in addition to their personal workstations. Does restricting log on to rights through active directory kill the use of LDAP for authentication? Would allowing log on to rights to a DC be a security issue? The users would not be able to actually log in to the DC because they are not a local admin.
Thanks.
Thanks.