Re: Regular User with Server Installed - Is it a security risk?

• Previous message: z: "Regular User with Server Installed - Is it a security risk?"
• In reply to: z: "Regular User with Server Installed - Is it a security risk?"
• Next in thread: Steven L Umbach: "Re: Regular User with Server Installed - Is it a security risk?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sat, 7 May 2005 11:50:24 -0700

It may be a risk, but not in the way you seem to be considering.
If the user is only a domain user, not a domain admin nor an
admin on any member machine, then their actions will be limited.
Some server tools may show them more than they would simply
discover without those tools, but actions/changes will be restricted
to what is allowed to the account in use.

However, having a server installed on your network, used/run
by someone without admin abilities is potentially a risk in that
the service will not be well configured, and so may be presenting
a larger attack surface than you might want.

-- 
Roger Abell
Microsoft MVP (Windows  Security)
MCSE (W2k3,W2k,Nt4)  MCDBA
"z" <z@z.z> wrote in message news:eME%23ysyUFHA.2540@tk2msftngp13.phx.gbl...
> If we have someone on our network that has Windows 2000 Server installed,
> but is not an administrator, are there any security risks with that?
>
> I know the server tools are there, such as DNS, DHCP, Active Directory,
> etc., but if she is not an admistrator then does it matter?
>
> Thanks,
>
> Zed Doural
>
>

• Previous message: z: "Regular User with Server Installed - Is it a security risk?"
• In reply to: z: "Regular User with Server Installed - Is it a security risk?"
• Next in thread: Steven L Umbach: "Re: Regular User with Server Installed - Is it a security risk?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]