Sign in with
Sign up | Sign in
Your question

Security Issue with Computer management

Last response: in Windows 2000/NT
Share
Anonymous
a b 8 Security
September 8, 2004 1:43:05 PM

Archived from groups: microsoft.public.win2000.security (More info?)

We are having a mixture of Windows 2000 with service
pack 4 and Windows 2003 servers.

Users can right click My Computer..Manage..right click
on computer management..connect to another computer and
specify the name of remote computer

Can easily get into another computer and play around with
shares amd other stuff.
Is it a security loop hole? or How can we restirct non
admin users from doing this. They can really damage the
system.

The Users are not in the local administrators group or any
other local group on the remote machine.
They can get into remote PC where they are not members of
any group and play around with shares, event viewer etc

I would expect this capability only for administrators
group on the remote machine.

How can I turn off access to non-admin users


Thanks in Advance
Kiran
September 8, 2004 5:16:15 PM

Archived from groups: microsoft.public.win2000.security (More info?)

have you really tried this? i just did and got appropriate 'access denied',
'insufficient permissions held' etc on things i wouldn't expect to have
access to... and i am an admin on my local machine, but not on the domain.
if your users can do things you don't want them to you should look for the
settings that give them too many permissions.

"Joseph K" <anonymous@discussions.microsoft.com> wrote in message
news:006901c495c2$e9b7d6f0$a401280a@phx.gbl...
> We are having a mixture of Windows 2000 with service
> pack 4 and Windows 2003 servers.
>
> Users can right click My Computer..Manage..right click
> on computer management..connect to another computer and
> specify the name of remote computer
>
> Can easily get into another computer and play around with
> shares amd other stuff.
> Is it a security loop hole? or How can we restirct non
> admin users from doing this. They can really damage the
> system.
>
> The Users are not in the local administrators group or any
> other local group on the remote machine.
> They can get into remote PC where they are not members of
> any group and play around with shares, event viewer etc
>
> I would expect this capability only for administrators
> group on the remote machine.
>
> How can I turn off access to non-admin users
>
>
> Thanks in Advance
> Kiran
>
>
Anonymous
a b 8 Security
September 8, 2004 5:16:16 PM

Archived from groups: microsoft.public.win2000.security (More info?)

Thanks for the reply
This is the issue we are facing currently

The users can not access remote machine by any other
means as they are not members of any group but they can do
things they are not supposed to using the method I have
mentioned(Computer Management).
Is there a way to restrict only non-admin users and allow
admins.


Thanks
Joseph K

>-----Original Message-----
>have you really tried this? i just did and got
appropriate 'access denied',
>'insufficient permissions held' etc on things i wouldn't
expect to have
>access to... and i am an admin on my local machine, but
not on the domain.
>if your users can do things you don't want them to you
should look for the
>settings that give them too many permissions.
>
>"Joseph K" <anonymous@discussions.microsoft.com> wrote in
message
>news:006901c495c2$e9b7d6f0$a401280a@phx.gbl...
>> We are having a mixture of Windows 2000 with service
>> pack 4 and Windows 2003 servers.
>>
>> Users can right click My Computer..Manage..right click
>> on computer management..connect to another computer and
>> specify the name of remote computer
>>
>> Can easily get into another computer and play around
with
>> shares amd other stuff.
>> Is it a security loop hole? or How can we restirct non
>> admin users from doing this. They can really damage the
>> system.
>>
>> The Users are not in the local administrators group or
any
>> other local group on the remote machine.
>> They can get into remote PC where they are not members
of
>> any group and play around with shares, event viewer etc
>>
>> I would expect this capability only for administrators
>> group on the remote machine.
>>
>> How can I turn off access to non-admin users
>>
>>
>> Thanks in Advance
>> Kiran
>>
>>
>
>
>.
>
Anonymous
a b 8 Security
September 9, 2004 12:00:43 AM

Archived from groups: microsoft.public.win2000.security (More info?)

I would check your user group memberships. It is true that a user can navigate to
another computer and IF they are a member of the users group on that computer they
can VIEW certain information. However unless they are an administrator on the remote
computer they can not manage shares, etc. The next time you try this, go into
Computer Management/shared folders - sessions to see exactly how that remote user is
being authenticated on the computer and/or look in the security log for logon events
[ assuming you have it enabled] . You can disable the ability users to use Computer
Management [and many other mmc snapins] in Group Policy if you do not want them to
use it. --- Steve


"Joseph K" <anonymous@discussions.microsoft.com> wrote in message
news:006901c495c2$e9b7d6f0$a401280a@phx.gbl...
> We are having a mixture of Windows 2000 with service
> pack 4 and Windows 2003 servers.
>
> Users can right click My Computer..Manage..right click
> on computer management..connect to another computer and
> specify the name of remote computer
>
> Can easily get into another computer and play around with
> shares amd other stuff.
> Is it a security loop hole? or How can we restirct non
> admin users from doing this. They can really damage the
> system.
>
> The Users are not in the local administrators group or any
> other local group on the remote machine.
> They can get into remote PC where they are not members of
> any group and play around with shares, event viewer etc
>
> I would expect this capability only for administrators
> group on the remote machine.
>
> How can I turn off access to non-admin users
>
>
> Thanks in Advance
> Kiran
>
>
Related resources
!