Security Issue with Computer management

Archived from groups: microsoft.public.win2000.security (More info?)

We are having a mixture of Windows 2000 with service
pack 4 and Windows 2003 servers.

Users can right click My Computer..Manage..right click
on computer management..connect to another computer and
specify the name of remote computer

Can easily get into another computer and play around with
shares amd other stuff.
Is it a security loop hole? or How can we restirct non
admin users from doing this. They can really damage the
system.

The Users are not in the local administrators group or any
other local group on the remote machine.
They can get into remote PC where they are not members of
any group and play around with shares, event viewer etc

I would expect this capability only for administrators
group on the remote machine.

How can I turn off access to non-admin users


Thanks in Advance
Kiran
3 answers Last reply
More about security issue computer management
  1. Archived from groups: microsoft.public.win2000.security (More info?)

    have you really tried this? i just did and got appropriate 'access denied',
    'insufficient permissions held' etc on things i wouldn't expect to have
    access to... and i am an admin on my local machine, but not on the domain.
    if your users can do things you don't want them to you should look for the
    settings that give them too many permissions.

    "Joseph K" <anonymous@discussions.microsoft.com> wrote in message
    news:006901c495c2$e9b7d6f0$a401280a@phx.gbl...
    > We are having a mixture of Windows 2000 with service
    > pack 4 and Windows 2003 servers.
    >
    > Users can right click My Computer..Manage..right click
    > on computer management..connect to another computer and
    > specify the name of remote computer
    >
    > Can easily get into another computer and play around with
    > shares amd other stuff.
    > Is it a security loop hole? or How can we restirct non
    > admin users from doing this. They can really damage the
    > system.
    >
    > The Users are not in the local administrators group or any
    > other local group on the remote machine.
    > They can get into remote PC where they are not members of
    > any group and play around with shares, event viewer etc
    >
    > I would expect this capability only for administrators
    > group on the remote machine.
    >
    > How can I turn off access to non-admin users
    >
    >
    > Thanks in Advance
    > Kiran
    >
    >
  2. Archived from groups: microsoft.public.win2000.security (More info?)

    Thanks for the reply
    This is the issue we are facing currently

    The users can not access remote machine by any other
    means as they are not members of any group but they can do
    things they are not supposed to using the method I have
    mentioned(Computer Management).
    Is there a way to restrict only non-admin users and allow
    admins.


    Thanks
    Joseph K

    >-----Original Message-----
    >have you really tried this? i just did and got
    appropriate 'access denied',
    >'insufficient permissions held' etc on things i wouldn't
    expect to have
    >access to... and i am an admin on my local machine, but
    not on the domain.
    >if your users can do things you don't want them to you
    should look for the
    >settings that give them too many permissions.
    >
    >"Joseph K" <anonymous@discussions.microsoft.com> wrote in
    message
    >news:006901c495c2$e9b7d6f0$a401280a@phx.gbl...
    >> We are having a mixture of Windows 2000 with service
    >> pack 4 and Windows 2003 servers.
    >>
    >> Users can right click My Computer..Manage..right click
    >> on computer management..connect to another computer and
    >> specify the name of remote computer
    >>
    >> Can easily get into another computer and play around
    with
    >> shares amd other stuff.
    >> Is it a security loop hole? or How can we restirct non
    >> admin users from doing this. They can really damage the
    >> system.
    >>
    >> The Users are not in the local administrators group or
    any
    >> other local group on the remote machine.
    >> They can get into remote PC where they are not members
    of
    >> any group and play around with shares, event viewer etc
    >>
    >> I would expect this capability only for administrators
    >> group on the remote machine.
    >>
    >> How can I turn off access to non-admin users
    >>
    >>
    >> Thanks in Advance
    >> Kiran
    >>
    >>
    >
    >
    >.
    >
  3. Archived from groups: microsoft.public.win2000.security (More info?)

    I would check your user group memberships. It is true that a user can navigate to
    another computer and IF they are a member of the users group on that computer they
    can VIEW certain information. However unless they are an administrator on the remote
    computer they can not manage shares, etc. The next time you try this, go into
    Computer Management/shared folders - sessions to see exactly how that remote user is
    being authenticated on the computer and/or look in the security log for logon events
    [ assuming you have it enabled] . You can disable the ability users to use Computer
    Management [and many other mmc snapins] in Group Policy if you do not want them to
    use it. --- Steve


    "Joseph K" <anonymous@discussions.microsoft.com> wrote in message
    news:006901c495c2$e9b7d6f0$a401280a@phx.gbl...
    > We are having a mixture of Windows 2000 with service
    > pack 4 and Windows 2003 servers.
    >
    > Users can right click My Computer..Manage..right click
    > on computer management..connect to another computer and
    > specify the name of remote computer
    >
    > Can easily get into another computer and play around with
    > shares amd other stuff.
    > Is it a security loop hole? or How can we restirct non
    > admin users from doing this. They can really damage the
    > system.
    >
    > The Users are not in the local administrators group or any
    > other local group on the remote machine.
    > They can get into remote PC where they are not members of
    > any group and play around with shares, event viewer etc
    >
    > I would expect this capability only for administrators
    > group on the remote machine.
    >
    > How can I turn off access to non-admin users
    >
    >
    > Thanks in Advance
    > Kiran
    >
    >
Ask a new question

Read More

Security Computers Management Windows