Archived from groups: microsoft.public.win2000.security (
More info?)
it are actual (domain-)users, and indeed i did check their security group
membership right away. With one account i tried to log on with terminal
services but the user is not "allowed to login locally". Are there other
possibilities for creation of profiles? We also noticed that at the same date
a profile was created named <Computername>$, maybe this gives a clue?
"Brandon Baker" wrote:
> These profiles that were created, I assume they are actual employees. I
> would check their security group membership right away. Then create another
> user for test, see if they can logon to a domain controller through terminal
> services.
>
>
> "8cup" <8cup@discussions.microsoft.com> wrote in message
> news:2ABC5038-E41F-4A2B-9FD4-907F14DE43C9@microsoft.com...
> > The dc is in a protected area so no user can reach it (and besides that a
> > normal user cannot login on a dc). de profiles are indeed located at
> > c:\documents and
> > settings\ and show up the system properties. I'm afraid the profiles are
> > put there by an illegal utility using some vulnerability.
> >
> > "Patty Calcaterra" wrote:
> >
> >> Did these people log on to the DC? The only way profiles can be
> >> created is if they logged on either through RDP or locally....I am
> >> assuming that you mean the profiles are located at c:\documents and
> >> settings\[profile name]....or do you mean that you are using roaming
> >> profiles and these profiles are on the server?
> >>
> >> 1.8cup, I am trying to understand how the profiles got there. Do you
> >> know? Or are you asking us how they got there?
> >>
> >> Regards,
> >>
> >> Patty
> >>
> >>
>
>
>