Re: User bypasses security

From: Steven L Umbach (n9rou_at_nospam-comcast.net)
Date: 11/16/05

• Next message: Tekmazter: "Restrict both local machine accounts and domain accounts from login"
• Previous message: Steven L Umbach: "Re: User bypasses security"
• In reply to: Steven L Umbach: "Re: User bypasses security"
• Next in thread: Jim Matthews: "Re: User bypasses security"
• Reply: Jim Matthews: "Re: User bypasses security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Wed, 16 Nov 2005 11:52:32 -0600

Also keep in mind that if you change group membership of a user that you
must logoff and logon as the user again to update the user's security token
with the correct group membership. The support tool whoami can be used as in
whoami /groups to show the users group membership for the current security
token. --- Steve

"Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
news:%23g8CFTt6FHA.2176@TK2MSFTNGP14.phx.gbl...
> Jim.
>
> When he is connected to the share go to Computer Management/Shared
> Folders - sessions to see as what user he is connected to the folder as
> and it should also show the source computer. Type 3 logon events would
> also be generated in the security log of the server for the user accessing
> the share if auditing of logon events is enabled. If the user is
> different than what you expect then he may be accessing the share with
> credentials other than his own. Windows XP can use "stored credentials"
> [see link below]to access a server or share though I have no idea how he
> would have access to your credentials unless you logged on as that account
> one time and configured stored credentials. Try having that user logon to
> another computer to see if he still can gain access. Also double check the
> user's group membership to make sure it is what you expect --- Steve
>
> http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/Default.asp?url=/resources/documentation/Windows/XP/all/reskit/en-us/prdp_log_vkxx.asp
>
> "Jim Matthews" <jmweb@comcast.net> wrote in message
> news:OfeFP6s6FHA.1276@TK2MSFTNGP09.phx.gbl...
>> Sorry - he can look at any share and open any file he wishes
>>
>> For example, I have a folder in which I keep confidential info. The only
>> share and security permissions on it are me - as Domain Admin and as a
>> user.
>>
>> He can simply go to Start-->Run and type \\servername and he is shown a
>> list
>> of all shares. If he clicks on my share, he is given access to it all
>>
>> I have no idea whether he can log on to the server console
>>
>> Thanks for your help
>>
>> JM
>>
>> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
>> news:%23XokZ1s6FHA.3648@tk2msftngp13.phx.gbl...
>>> Define more specifically what you mean by everything with some examples.
>> Can
>>> he logon to the domain controller console? Can he access it's security
>> logs
>>> via Event Viewer? --- Steve
>>>
>>>
>>> "Jim Matthews" <jmweb@comcast.net> wrote in message
>>> news:eJ6fdvs6FHA.3588@TK2MSFTNGP15.phx.gbl...
>>> > My setup (partially) a W2K Server (DC) which houses AD, and files, and
>>> > a
>>> > W2K3 Server which houses Exchange and files.
>>> >
>>> > I set up a new user (without admin rights) and he has access to
>>> > _everything_
>>> > on the W2k Server, but is ''restricted" normally on the W2K3 server.
>>> >
>>> > He is not a member of any admin group or anything like that. I have
>>> > checked
>>> > and rechecked the permissions on several restricted folders.
>>> >
>>> > He is running XP Pro
>>> >
>>> > I assume that because he is restricted on the W2K3 server that his
>>> > "permissions" are correct, but there is something amiss on the one
>> server
>>> >
>>> > Can anyone shed some light on this ?
>>> >
>>> > Many Thanks
>>> >
>>> > JM
>>> >
>>> >
>>>
>>>
>>
>>
>
>

---

• Next message: Tekmazter: "Restrict both local machine accounts and domain accounts from login"
• Previous message: Steven L Umbach: "Re: User bypasses security"
• In reply to: Steven L Umbach: "Re: User bypasses security"
• Next in thread: Jim Matthews: "Re: User bypasses security"
• Reply: Jim Matthews: "Re: User bypasses security"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages SBS 2003 folder redirection, offline files, ..and more ... I've worked lots with pcs, general networking, Netware server etc. ... I am familiar with folder redir, ... machine, logon as themselves, get their data off their U drive...yes I ... if..."administrators and other users do not have access rights to the ... (microsoft.public.windows.server.sbs) Stand-alone DFS and non-domain users ... Recently we got to a storage room shortage, so I bought a Dell NAS ... Our domain controller is 2000 server. ... users got to our folder when they tried to go to thier local ones). ... The problem is with those users who don't logon ... (microsoft.public.win2000.file_system) Re: OL2K3 Multiple Junk Email folders created... ... When a local MAPI folder is created during the logon, ... >> try to map to the same name IMAP folder of the server. ... (microsoft.public.win32.programmer.messaging) Re: Question about windows integrated security ... This is a test server, so it cannot be accessed over internet ... folder restriction available. ... You will then see, in the security Event Log, and logon failure ... > possible reason why the logon is failing. ... (microsoft.public.dotnet.framework.aspnet.security) Redirection of all folders not working ... common shared "profiles" folder somewhere that all the ... servers can see; make sure the profile path ... server as the user and it should lock their profile down. ... >Have setup a logon script that works through the Group ... (microsoft.public.win2000.group_policy)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(11)