In addition to not finding a workaround to unset allowed workstations
in "Log On To" the command "net sam list workstations"
provides the
same output as "net sam list users" - both list all users and member
workstations.
On Mon, Dec 11, 2017 at 10:36 AM, Sonic <sonicsmith at gmail.com>
wrote:> Sometime ago had migrated from a PDC (samba3) to an AD (samba4)
> environment. In the PDC environment setting the allowed workstations
> for each user was done with the "net sam set workstations"
command and
> could also easily be unset (using "" as the last argument).
>
> I now wish to move to a GPO for login control but removing the
> limitations put in place are no longer working - I can change the
> allowed workstations with "net sam set workstations" but can no
longer
> remove them:
>
> net sam setworkstations user ""
> or
> net sam setworkstations user ''
>
> no longer works to remove the assigned list.
>
> Currently on 4.6.6.