How To Prevent the Name of the Last Logged-On User from Being Displayed in the Log On to Windows Dialog Box in Windows Server 2003 (324740)


The information in this article applies to:

  • Microsoft Windows Server 2003, Datacenter Edition
  • Microsoft Windows Server 2003, Enterprise Edition
  • Microsoft Windows Server 2003, Standard Edition
  • Microsoft Windows Server 2003, Web Edition
  • Microsoft Windows Server 2003, 64-Bit Datacenter Edition
  • Microsoft Windows Server 2003, 64-Bit Enterprise Edition
  • Microsoft Windows Small Business Server 2003, Standard Edition
  • Microsoft Windows Small Business Server 2003, Premium Edition
This article was previously published under Q324740
For a Microsoft Windows 2000 version of this article, see 310125.

IN THIS TASK

SUMMARY

This article describes how to prevent the name of the last logged-on user from being displayed in the Log On to Windows dialog box.

By default, Windows displays the name of the last user who successfully logged on to the computer. This name is displayed in the Log On to Windows dialog box. Security administrators may prefer that the last logged-on user name not be displayed in the Log On to Windows dialog box. Although this configuration requires that users must type their user name (and password) each time that they log on, it can help to prevent attempts by unauthorized users to gain access to the computer.

You can use Group Policy to prevent the name of the lasted logged-on user from being displayed in the Log On to Windows dialog box. The group policy can apply to the local computer, sites, domains, and organizational units (OU).

back to the top

How to Prevent the Last Logged-On User Name from Being Displayed in the Log On to Windows Dialog Box

  1. Click Start, click Run, type mmc in the Open box, and then click OK.
  2. On the File menu, click Add/Remove Snap-in.
  3. Click Add.
  4. Click Group Policy Object Editor, and then click Add.
  5. Click the target Group Policy object (GPO). The default GPO is Local Computer. Click Browse to select the GPO that you want, and then click Finish.
  6. Click Close, and then click OK.
  7. Expand the group policy object, expand Computer Configuration, expand Windows Settings, and then expand Security Settings.
  8. Expand Local Policies, and then click Security Options.
  9. In the right pane, double-click Interactive logon: Do not display last user name.
  10. Click to select the Define this policy setting check box (if it is present), and then click Enabled.
  11. Click OK.
back to the top

Troubleshooting

Microsoft Windows NT 4.0-based computers do not support Windows Server 2003 Group Policy. For additional information about how to remove the last logged-on user name from the logon dialog box in Windows NT 4.0, click the article number below to view the article in the Microsoft Knowledge Base:

114463 Hiding the Last Logged On Username in the Logon Dialog

back to the top

REFERENCES

For more information about working with Group Policy in Windows Server 2003, see Group Policy Help. To do so, click Help on the Action menu in the Group Policy Object Editor snap-in, click the Contents tab, and then click Group Policy.

back to the top
Modification Type:MinorLast Reviewed:7/15/2004
Keywords:kbMgmtServices kbhowto kbHOWTOmaster KB324740 kbAudITPro
©2004 Microsoft Corporation. All rights reserved.