GlobalFax
asked on
NT 4.0 to Windows 2003 Active Directory upgrade security breach
I upgraded a NT 4.0 domain to Windows 2003 AD. Auditors recently used ISS scanning tool to expose list of users on one of my DCs which holds no operations roles in AD.
The funny thing is that the list seems to contain users that only extisted prior to AD upgrade. Where could they have picked this up? Is there an NT file, i.e SAM database. Keep in mind that they picked this up on ad DC that was a clean install. I have one DC that was an NT 4.0 upgrade and they could not pick up this list.
Help is much appreciated.
The funny thing is that the list seems to contain users that only extisted prior to AD upgrade. Where could they have picked this up? Is there an NT file, i.e SAM database. Keep in mind that they picked this up on ad DC that was a clean install. I have one DC that was an NT 4.0 upgrade and they could not pick up this list.
Help is much appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
http://www.windowsitpro.com/Article/ArticleID/41576/41576.html
Check it out. I bet you'll be surprised ...