RE: DCOM Hole Fix Suggestions

From: ShoobieRat (ianperiodschue_at_towersoftperiodcom)
Date: 10/15/04

    Date: Fri, 15 Oct 2004 08:49:09 -0700
    
    

    Sorry, I left out a detail.

    After I log off as me, and log back in as the new local account (the local
    account with the same name as the domain server admin), I then go to the
    network folder and try to access the server.

    Windows throws up a login screen.

    I log in as my DOMAIN account, despite being logged on currently as this
    local account.

    I then try to access a program that authenticates through DCOM, and it lets
    me in. It looks to see that my login name is the same as the admin name, and
    lets me in.

    ???

    "ShoobieRat" wrote:

    > Here's the scenario:
    > Two EXISTING users on domain:
    > a_user - who is a regular domain user (no admin rights to server)
    > b_user - is an admin on the domain and server
    >
    > I'm logged in on my computer, through my domain account as a_user. I'm a
    > member of the network (domain) but do not have admin-rights to the server.
    >
    > I create a LOCAL user account, with the login name "b_user" and give it some
    > password. I make b_user a local administrator on my machine (which I can do
    > since I am an administrator on my local machine). Essentially, I have created
    > a local user on my box that has the same name as an admin on the domain.
    >
    > I then log off as a_user.
    >
    > I log on as the local b_user I just created.
    >
    > I now have access to the server as b_user, with admin rights to the server.
    >
    > ???
    >
    > Microsoft states they know about this problem.
    >
    > Is there a way to stop this from happening?

