RE: Preventing multiple logins in 2003

From: dave kleiman (dave_at_isecureu.com)
Date: 01/28/05

  • Next message: Miroslaw Slawek Chorazy: "RE: RESPONSE: Users "bypassing" Group Policy restrictions" 
    To: <focus-ms@securityfocus.com>
Date: Fri, 28 Jan 2005 17:48:14 -0500

    There is CCONNECT from MSFT but requires SQL.

    Then from JSIINC there is:

    http://www.jsiinc.com/SUBR/tip8700/rh8768.htm

    Which is a login script using PsShutdown.exe and PsLoggedOn.exe from
    Sysinternals www.sysinternals.com

    Both are free... Cheers!

    ____________________________________________
    Dave Kleiman, CIFI, CISM, CISSP, ISSMP, MCSE

    www.SecurityBreachResponse.com

    -----Original Message-----
    From: Martin Mewes [mailto:mm@mewes.tv]
    Sent: Friday, January 28, 2005 02:14
    To: focus-ms@securityfocus.com
    Subject: Re: Preventing multiple logins in 2003

    Hi Ian,

    Ian Turnbull <ian.turnbull@mpsgi.com> wrote :

    > It has been noted that some of our user base are allowing other
    > members of staff to login using their user account. We are currently
    > in the process of moving to a fully functional 2003 domain and I would
    > like to disable concurrent logons via group policy. Any suggestions?

    We had the same problem here and did not come to any conclusions.
    For now we have written a little logon script which writes a lock into the
    $home of the user like this ...

    :test
    if not exist \\path\logged.in goto login logout.exe

    :login
    echo lock > \\path\logged.in
    ...

    ... together with a logout script which deletes the lock. Anyway from time to
    time we run into trouble if a users machine has a blue screen or something so
    tha admin has to delete the lock manually.

    We thought about locking the user to a collection of single machine (which is
    possible since NT4) but not sure if this really helps.

    bis dahin/kind regards

    Martin Mewes

    ---------------------------------------------------------------------------
    ---------------------------------------------------------------------------

  • Next message: Miroslaw Slawek Chorazy: "RE: RESPONSE: Users "bypassing" Group Policy restrictions"

    Relevant Pages

    • Failed Login to Only Spit Out message after 3 Failed Tries
      ... To amend a SOXIT deficiency I wrote a script to lock out the user if ... they failed 3 login attempts. ... So the script I wrote scanned the /var/adm/messages file and filtered ... for he date and the pattern "Failed Password". ...
      (comp.security.ssh)
    • Re: Hacker activity?
      ... >login to a server, most as root but some are attempts to login to ... >telnet, all come from the same remote server, and all fail. ... >getting some odd cgi calls to a script on a secure ssl server. ... Make sure root cannot login to your system via ssh. ...
      (freebsd-questions)
    • Re: [opensuse] BASH: has $COLUMNS gone nuts?
      ... You do realize that lines & columns are dynamic values which at least some terminals and login daemons will continuously adjust right? ... What the above shows is that I dragged the corner of my PuTTY window (which was connected to sshd, not every terminal client nor every server daemon does this) making the window a little larger and without issuing any commands, and no possibility that any bashrc or inclusions got executed, the values changed, because the terminal told the daemon and the daemon told it's child processes. ... Try calling them from within a script: ... Although, I would also actually be perverse and say that since the SCO systems predate most others, including ALL linux, that you could actually make the argument that the dwindling remaining production sco boxes in the world are right and the 90 million linux & freebsd & sun boxes are all wrong. ...
      (SuSE)
    • Abusing poor programming techniques in webserver scripts V 1.0
      ... $login = Request.Form ... fool the database parser. ... verified in the script of access to the database, ... The SQL statement will be parsed by the database manager, ...
      (SecProg)
    • Re: Limit desktop & start menu
      ... Create a login script that runs when users log into the TS, and map the R: ... persisitent "R" drive on the server itself and that may cure it. ...
      (microsoft.public.windows.terminal_services)