Re: Built In Admin account vs Created one
From: Steven L Umbach (n9rou_at_comcast.net)
Date: 08/31/03
- Next message: wutsitallabout: "Re: Built In Admin account vs Created one"
- Previous message: Jack Seredyniecki: "Re: Local admin rights on a domain controller?"
- In reply to: wutsitallabout: "Re: Built In Admin account vs Created one"
- Next in thread: wutsitallabout: "Re: Built In Admin account vs Created one"
- Reply: wutsitallabout: "Re: Built In Admin account vs Created one"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 31 Aug 2003 01:56:26 GMT
Wow. There seems to be a lot of that going one [service pack upgrades/patches
causing complaints]. Keep in mind that a user who is in the administrator group may
somewhere - ntfs, registry, security options, services, user right assignments, etc
have different settings applied to them [for instance administrator may be in a
setting for a user rights assignment, but not administrators group]. However they
have the power to change those settings - if they know what they are. What you may
want to try is to reset a machines security settings back to default or start with at
least part of it. See the related KB link on how to do such, and you could use the
area option /areas with secedit to reset just say user rights - /areas user_rights.
I don't know what could be causing it, but when something unusual is going on always
run virus scan. In addition check Event Viewer for and unusual errors. You could also
use some of the utilities from Sysinternals such as Regmon and Filemon that may
pinpoint where you are being denied access to files or registry keys. It would also
be a good idea to scan for trojans and maybe adware/spyware. --- Steve
http://support.microsoft.com/default.aspx?scid=kb;EN-US;313222
http://swatit.org/download.html -- Trojan scanner
http://spybot.eon.net.au/ -- Adware/spyware/malware scanner.
http://www.sysinternals.com/ntw2k/utilities.shtml -- Sysinternals freeware.
http://www.microsoft.com/windows2000/techinfo/planning/security/secdefs.asp -- Description
of adminstrators group.
"wutsitallabout" <wutsitallabout@comcast.net> wrote in message
news:035701c36f5d$d356ab20$a301280a@phx.gbl...
>
> Thanks So Much Steve.
> I had expected and hoped to hear that. However, we are
> experiencing some strange occurances with created Admin
> accounts. Such as random access denied, no sufficient
> permissions to perform the task...(can't remember exact
> words) errors to admin tasks. A co-worker believes that
> the 2 accounts are different. Actually 2 co-workers claim
> that when logged to each, the behaviour is different. I
> myself have experienced it while logged on as the Built in
> Administrator.
>
> Ok so now I really am worried that something evil is going
> on. All machines have renamed Admin accounts, Current
> AntiVirus software. Security policies/settings have all
> been followed per Microsoft suggestions as far as we can
> tell.
>
> Do you have any ideas what could be causing this? Also, is
> there anyway that I can prove to my co-workers that the
> accounts are supposed to function the same?
>
> Thanks Again
- Next message: wutsitallabout: "Re: Built In Admin account vs Created one"
- Previous message: Jack Seredyniecki: "Re: Local admin rights on a domain controller?"
- In reply to: wutsitallabout: "Re: Built In Admin account vs Created one"
- Next in thread: wutsitallabout: "Re: Built In Admin account vs Created one"
- Reply: wutsitallabout: "Re: Built In Admin account vs Created one"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
