RE: NT4 Phantom user after rename

From: stever@fyiowa.com
Date: 12/14/01


From: stever@fyiowa.com
To: focus-ms@securityfocus.com
Date: Fri, 14 Dec 2001 12:08:04 -0600

First, thanks for all the replies. Here is some additional info and answers to
your questions.

DCs are synced.
Login is not cached as we can log in from machines for the first time.
Yes I can create a user with the old username and delete them. At that
point the password is changed to the one in use when deleted.

New Info - This only works when logging on with a Macintosh!!!!!
Our NT4 PDC has Services for Macintosh running.
Rename is not the issue, more testing has revealed this also works with
accounts that have been deleted, not renamed.
The Macintoshes can also log into accounts that have been deleted months ago
and were never logged into by a Mac before.

Yikes! At this point I cannot find a way to stop a Macintosh from logging
into deleted accounts if you know the password!!!

-----Original Message-----
From: Brandely, Chris [mailto:chris.brandely@westam.com]
Sent: Thursday, December 13, 2001 3:30 PM
To: 'stever@fyiowa.com'; focus-ms@securityfocus.com
Subject: RE: NT4 Phantom user after rename

A question:

Can you then create a user with the old username? If you can, can you then
delete that new user to prevent logon using that username?

(I guess that's two questions...)

Chris Brandely
WestAM (USA)

-----Original Message-----
From: stever@fyiowa.com [mailto:stever@fyiowa.com]
Sent: Thursday, December 13, 2001 12:01 PM
To: focus-ms@securityfocus.com
Subject: NT4 Phantom user after rename

We have confirmed that if you rename a user with user manager, you can sign
in as the original user even though they are no longer listed in the user
list. The old username even shows up as a successful login in the event
viewer. We can also log in with the new name. The old and new names both
have access to the same email account on Exchange. The only difference
between the original name and the renamed name is that you can no longer
change your password on the original name.

All domain controllers are NT4.0 SP6a
Any ideas?

Thanks,
Steve Ribble - MCSE, CCSE
Gazette Communications


