Re: windows domain question

From: Laura A. Robinson (larobins@bellatlantic.net)
Date: 04/19/02


From: "Laura A. Robinson" <larobins@bellatlantic.net>
To: "Lee Seidman" <lseidman@yahoo.com>, <bejon@supertel.com>, "'Mike Coppins'" <mike@legolas.com>, <focus-ms@securityfocus.com>
Date: Fri, 19 Apr 2002 17:18:56 -0400

You're thinking of two different things, actually. There is a setting to
"delete cached copies of roaming profiles", and another to set "number of
previous logons to cache". Neither of them really relates to the original
question, but they are relevant if one wishes to prevent a user from caching
credentials (well, the second one, anyway).

Laura
----- Original Message -----
From: "Lee Seidman" <lseidman@yahoo.com>
To: <bejon@supertel.com>; "'Mike Coppins'" <mike@legolas.com>;
<focus-ms@securityfocus.com>
Sent: Friday, April 19, 2002 3:59 PM
Subject: RE: windows domain question

>
> I believe there is a policy setting in W2K Server that
> will automatically delete cached copies of user
> accounts that may help this particular scenario.
>
> Can't say for certain, but I think it is an option
> under Active Directory.
>
> - Lee
>
> --- Bejon Parsinia <bejon@supertel.com> wrote:
> > Mike,
> >
> > Speaking from experience, depending on the policies
> > in place on the network,
> > the laptop very well could retain sensitive
> > information about the domain.
> > My example is as follows, I take my laptop home with
> > me every night. It is
> > running Win2k Pro. I can leave my login information
> > exactly the same as
> > when I have it plugged into my domain at the office
> > when I login to the
> > laptop at home without any sort of VPN or public
> > access to my network.
> >
> > What does this mean? The laptop contains cached
> > information (username,
> > password, domain name) that does not necessarily
> > expire. I am just logging
> > in to use my laptop at home without connecting to
> > any resources other than
> > my internet connection at the house. Dangerous, you
> > bet. You can run
> > utilities to capture and recover those passwords
> > very easily. No need to
> > disconnect it from the domain whatsoever.
> >
> > Hope this helps,
> >
> > Bejon
> >
> > -----Original Message-----
> > From: Mike Coppins [mailto:mike@legolas.com]
> > Sent: Thursday, April 18, 2002 9:46 AM
> > To: focus-ms@securityfocus.com
> > Subject: windows domain question
> >
> >
> > If you connect a machine to a Windows domain, so
> > things like SIDs change,
> > machine IDs synchronised, etc, and then
> > disconnected, what happens exactly?
> > Does the node that gets disconnected generate a new
> > machine SID or does
> > information get left behind on the node?
> >
> > Putting the question into a scenario might help :)
> > If a laptop (NT4 or
> > Win2k) is connected to a domain, then is removed
> > from the domain (as in, an
> > admin goes into network properties and tells the
> > machine that it is part of
> > a bog standard workgroup again), is the laptop going
> > to retain any
> > information that it belonged to a domain before, and
> > possibly security
> > sensitive information about the domain?
> >
> >
> >
> > --
> > Mike Coppins
> > mike@legolas.com
> > http://www.legolas.com/
> > Currently looking for work:
> > http://www.legolas.com/mikes/cv.html
> >
> >
> >
>
>
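
An added example, not part of the original thread: a PowerShell check of the two settings named in the reply above, run on the machine being audited. The registry paths and value names are the usual locations backing these policies and are assumptions here, since the thread does not state them; the function names are hypothetical.

```powershell
# Added example: report the state of "number of previous logons to cache"
# and "delete cached copies of roaming profiles" on the local machine.
# Registry locations below are assumptions (not given in the thread).
$winlogon = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
$sysPol   = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\System'

function Get-RegValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent (setting not configured).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

function Test-CachedLogonPolicy {
    param($CachedLogonsCount, $DeleteRoamingCache)
    # CachedLogonsCount is stored as a string; when it is absent the OS
    # default applies (10 on Windows client versions).
    $count = if ($null -eq $CachedLogonsCount) { 10 } else { [int]$CachedLogonsCount }
    [pscustomobject]@{
        CachedLogons                = $count
        # 0 means no domain logon is possible without a reachable domain
        # controller, so no logon verifiers are kept on the laptop.
        DomainLogonCachingDisabled  = ($count -eq 0)
        # 1 means local copies of roaming profiles are removed at logoff.
        RoamingProfileCopiesDeleted = ($DeleteRoamingCache -eq 1)
    }
}

Test-CachedLogonPolicy `
    -CachedLogonsCount  (Get-RegValue $winlogon 'CachedLogonsCount') `
    -DeleteRoamingCache (Get-RegValue $sysPol 'DeleteRoamingCache')
```

A laptop that reports `DomainLogonCachingDisabled = False` will still accept a domain logon while off the network, which is the behaviour described in the quoted message.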


