The Windows 2000 Server Resource Kit has the Cconnect.exe tool to prevent users from logging on more than once.
In tip 0296 » A better way to prevent a user from logging on more than once, I introduced a freeware solution that might work in your environment.
@echo off setlocal ENABLEDELAYEDEXPANSION :: Your normal logon script code here. :: Duplicate logon code here set DUP=N :: Is the user logged on using this domain account on any other workstation? for /f "Tokens=*" %%a in ('%LOGONSERVER%\NETLOGON\psloggedon.exe -L %UserName%^|FIND /I "%UserDomain%\%UserName%"^|FIND /I /V "%ComputerName%"') do ( set DUP=%%a :: The following 3 lines are optional. They send a message to the users other workstation. set DUP=!DUP:*logged onto =! set DUP=!DUP: locally.=! net send !DUP! You attempted to logon to %ComputerName%, but you were already logged onto !DUP!. Only one logon is allowed. ) if "%DUP%" EQU "N" endlocal&goto :EOF :: Log the user off this workstation. %LOGONSERVER%\NETLOGON\psshutdown.exe -oNOTE: You must copy PsShutdown.exe and PsLoggedOn.exe to the NETLOGON share of all your domain controllers.
NOTE: See Microsoft releases LimitLogin v1.0.