Add the users to the security setting 'Deny logon locally' in a domain wide GPO and apply it to all computers or create a GPO, filtered for those users (put them in a group and filter it that way) ...
Results that may be inaccessible to you are currently showing.
Hide inaccessible results
Feedback