Solved

Limiting User Login Times

Posted on 2003-12-04
7
464 Views
Last Modified: 2010-04-13
Hello everybody,
I am experiencing problems with people logging into other peoples computers and screwing things up. This is at a site where people are working 24/7. Due to funds there are only 4 computers and they are all on a workgroup, there is no server.

On one of the computers people are logging into that users account and deleting his/her files. The problem is the user will not listen to reason and keeps on giving out her password, and the security guard will not tell anybody who is gaining access to the computer. Quite a situation, I know, but we're working with an organization who doesn't seem to care for their own rules.

So what I was hoping to do was prevent anyone from logging onto that computer during a certain time frame. The OS is Windows 2000 Pro. I don't think it is possible to do it unless it is part of a domain, but does anybody know of a way that I'm not thinking of? How about some free/really cheap 3rd party software that will do this?

I'd like to avoid this user from being locked down so tight that he/she cannot do anything on the computer.

Thanks in advance,
Tekkie Geek
0
Comment
Question by:tekkiegeek
7 Comments
 
LVL 49

Accepted Solution

by:
sunray_2003 earned 250 total points
ID: 9875953
A command like this format should work

Net user "name of the user" /time:M-F,08:00-12:00

Sunray
0
 
LVL 4

Expert Comment

by:Vinnnnie
ID: 9876136
You should really get either Windows 2000/2003 Server as this is something you can specify for each user. You can specify what the login/logout times are. Very useful. You can download an Evaluation copy of 2003 Server from the Microsoft Site. Without a Server, there's not a whole lot you can do.
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9876194
If the user is giving out her password, then there is nothing you can do, short of locking her down. Even that won't truly help, as any files they can create, even if totally locked down, the same user can also delete.
Even in a domain, this would be an issue, though you might be able to tighten things up to the point of narrowing down who could have done it.
 You might still be able to narrow it down some, by implementing auditing on all PC's.
That way, you would know by logons who had accessed the other PC's legitimately at the same time that the files were deleted.
Not much of a solution, but if the user won't stop giving out her password, My response would be cry me a river... 8-)
Essentially, it would be like calling the cops because you were robbed while you were gone, having left the front door wide open, lights on, and a note telling where the valuables are... 8-)
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 6

Expert Comment

by:Casca1
ID: 9876302
In retrospect, even in a domain environment, there is only one way to prevent this situation, and that is limiting logon times. But, there is even a step further you can make.
 Make the user s liable (In a domain) for anything done on the network; Email, file storage, etc. Then make it a company policy to remove access if repeated violations of policy occur. Make secure, private passwords policy, and you should be able to nail both users.
You might not be able to do anything, and management might ignore you, but you can document what has been done and why, and if push comes to shove and they show YOU the door, having documented proof will at least prevent them from denying unemployment, and also give you a leg to stand on for suit. I mean, really, you have to look at worst case scenario's. If the user gives out the password, and some other user uses it to commit company or legal violations, you could be held responsible, if your the IS/IT guy. That includes file sharing or P2P programs with illegal material shared. Or sensitive data stolen. You would be in the hotseat, and with no documentation, the one left holding the bag.
Hmmm... Doomsday never sounds good, but you have to at least LOOK at the possible outcomes.
Even Libraries are worried about the DCMA, and they pretty much keep their systems locked down.
You run open systems with full access. If legal trouble happens, is the company going to say, our bad, it was our policies (Lack thereof) and our unwillingness to enforce same that led to the breach, or are they gonna say
We thought <TekkieGeek> was following the rules and doing his job.
I don't know about you or where you work, but I wouldn't trust MY boss to cover MY butt!
0
 
LVL 1

Author Comment

by:tekkiegeek
ID: 9878514
Thanks sunray, that is what I was looking for

Casca, don't worry, most of the stuff you are warning me about doesn't apply to me, I have my butt covered.
0
 
LVL 49

Expert Comment

by:sunray_2003
ID: 9878547
Cool

Sunray
0
 
LVL 6

Expert Comment

by:Casca1
ID: 9878626
Cool, just a thought... Who, Me Paranoid? 8-)
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
Adprep 12 44
Images sometimes not printed 6 467
Migrating from IIS5 to IIS8.5 3 152
Can’t delete a file 14 83
NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Scam emails are a huge burden for many businesses. Spotting one is not always easy. Follow our tips to identify if an email you receive is a scam.
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now