The hours during which a user has access to the network. In Microsoft Windows NT, administrators use User Manager for Domains to establish logon hours and other restrictions for each user account.
In Windows 2000, administrators use Active Directory Users and Computers, which is implemented as a snap-in for Microsoft Management Console (MMC). Logon hours can be applied on either a permit or deny basis.
Graphic L-14. Logon hours.
When a user’s logon hours expire, the user can continue to work on the workstation but cannot access any network resources except the resources that are already open, such as the shares that the user is accessing. In Windows NT, you can disconnect users from all network resources when their hours expire by choosing Policies from the User Manager for Domains menu bar, selecting Account, and then selecting Forcibly Disconnect Remote Users From The Server When Logon Hours Expire at the bottom of the Account Policy dialog box.
For security reasons, you might want to restrict logon hours for ordinary users to company working hours. This reduces the chance of accounts being used for unauthorized access during off hours.