Re: Q: Windows 2000 Professional Security

From: Jeff Cochran (jcochran.nospam_at_naplesgov.com)
Date: 12/18/03 

Date: Thu, 18 Dec 2003 16:37:55 GMT

On Thu, 18 Dec 2003 14:34:02 +0300, "Lord Deekay"
<do.not.reply@deekaycorp.com> wrote:

You missed crossposting to the alt.britneyspears group...

>Can anyone tell me if it's possible for a Windows 2000 Professional client
>computer to join a domain without the owner's knowledge? Here is the
>scenario:
>This Windows 2000 Professional client computer is on a network with a leased
>static IP address from a domain server. The local account access is strictly
>private and no one other than the client computer's owner knows the
>passwords. One day this computer's owner logs on to the client computer and
>perform the daily average routine. When the owner logs off and then logs on
>again, the local account accesses including that of the default administor
>has been denied. When disaster recovery procedure was performed and the
>local account accesses has been gained, the owner learns that the client
>computer has joined the domain!!! No one knows the local account passwords
>to this computer. No one physically accessed this computer other than the
>owner. How can this possibly be done? Please, help me find out what caused
>this.

Scripting it is possible. Does the local administrator's group have
any other accounts? Is the user qualified to know whether they joined
a domain or not? Virus scanner, critical updates, service packs all
current? Did you enable auditing?

Jeff

Relevant Pages

  • Re: Windows 2000 Professional Security
    ... >> private and no one other than the client computer's owner knows the ... One day this computer's owner logs on to the client computer ... the local account accesses including that of the default ...
    (microsoft.public.win2000.security)
  • Re: Windows 2000 Professional Security
    ... It is possible if someone else had undetected administrator access to that ... > Can anyone tell me if it's possible for a Windows 2000 Professional client ... One day this computer's owner logs on to the client computer ... the local account accesses including that of the default administor ...
    (microsoft.public.windows.server.security)
  • Re: Windows 2000 Professional Security
    ... It is possible if someone else had undetected administrator access to that ... > Can anyone tell me if it's possible for a Windows 2000 Professional client ... One day this computer's owner logs on to the client computer ... the local account accesses including that of the default administor ...
    (microsoft.public.win2000.security)
  • Local user policy
    ... I'm looking for an easy and fast way to change the local account settings of ... client computer from users. ... What i want is to change the local account policy ... he/she will be member of the "super user" group. ...
    (microsoft.public.windows.server.sbs)
  • local account and domain account in client computer
    ... if the client computer is logged on using the ... local account it can't install the software;if it is logged on as a domain ... user,it can install the software.why? ... and can I install the distributed software as a local user in client ...
    (microsoft.public.sms.admin)