Create email only user account (prevent login to domain computers)

There are many ways to prevent Active Directory users from logging on to certain computers. For large and more complicated scenarios it's best to use Group Policy.

But if I need to create a few "email only" user accounts I normally do following:

Read more: Create email only user account (prevent login to domain computers)

Disable User Account Control (UAC) via Group Policy

To disable User Account Control (UAC) via Group Policy (GPO) configure following GPO policies:

Read more: Disable User Account Control (UAC) via Group Policy

Enable Group Policy (GPO) logging

To enable GPO startup / shutdown / log-on / log-off logging:

• Open registry editor (regedit.exe) and navigate to:
  HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics
  Create key "Diagnostics" if it does not exist.
• Create new DWORD Value called GPSvcDebugLevel and set value (HEX) to 0x30002
• Restart the PC

Windows 7

Changing Windows Server Domain Controller IP Address

Changing Windows Server Domain Controller static IP address is a simple operation. You can do this using Internet Protocol (TCP/IP) Properties GUI, as you would for any other Server or Client PC.

After changing the IP address, run ipconfig /registerdns and dcdiag /fix.

Read more: Changing Windows Server Domain Controller IP Address