How do I create a captive account? - 09 Aug 2000

A. It is not possible to create a captive account, however you can force a user to run a program, and if they close that program they can be logged out:

The file Logout.exe just logs out the user. It is also possible to restrict a Users applications using the Policy Editor. From the Policy Editor you can select which applications a User can run (make sure you give them Explorer!).

Microsoft have also created the zero administration kit which allows a user to be confined to a single application or a set of applications.

This is a short WSH script written for NT workstations to automatically logon to a terminal server using a generic Staff account. The user would then logonto WTS with their fully featured account to an environment befitting their role(most single App users)

The Staff shell was set to wscript \SERVERNETLOGON==============================================dim objShell, bLogOff
Set objShell=CreateObject("WScript.Shell")
bLogOff=FALSE
' Merge reg setting for MSTSC
objShell.Run "regedit /s \SERVERNETLOGONWTSCon.reg",0,FALSEDo
ObjShell.Run """c:program filesterminal server clientmstsc.exe" & """" & "Server" &"""",,TRUE
if Msgbox("Logoff?",vbquestion+vbyesno+vbDefaultButton2,"LogoffSystem")=vbYes then bLogOff=TRUE
Loop While bLogOff=FALSE
objShell.Run "\SERVERNETLOGONLogoff /N",0,FALSE
' NB shutdown.exe also an alternative==============================================