How to restrict some users to log in?

Date: Mon, 16 Oct 2006

We have a Win 2003 domain that has several OUs.  Each OU has several
user-groups for different Labs -- for security issues, e.g. file sharing,
printer sharing etc.  Currently, all users in an OU can log in to any computer
that belongs to that OU (not necessarily in the same Lab).  Now, a director of a
lab asks me if there is a way to allow only users in his lab to be able to log in
to his lab's computers.  That is, only one group of users can log in to some
computers, but other user-groups cannot log in to those computers even if they are
in the same OU.  Is it possible to do this?  How to do it?

Any help or link is greatly appreciated!