Login credentials on specific user on specific machine giving access to shares that it should not be.

Posted on 2006-04-06
Last Modified: 2010-04-03
I have one user who on their own computer (XP Pro) with their own login credentials gains access to shares on a Windows 2003 server that they do not have permission on. This user for example can access the computer dept share - (she should not be able to - I checked the security and sharing) If I user her credentials to log into another machine - she can't access this folder, it works as expected. It is only when she logs into this one computer, she does not have access to certain shares that she should, and she has access to folders that she should not. If any other user logs onto this machine it works as expected. Only her username on her computer has this issue. Maybe the user profile is corrupt on this machine?

We have one domain in a mixed 2000 - 2003 environment.
Question by:mspolter
    LVL 5

    Assisted Solution

    I would delete her profile on the local machine, and try agaiin

    Author Comment

    I renamed the profile, logged her in which created a new profile, and copied her files to the new profile - but she had the same problem with the new profile. At this point I am just giving her a new machine. Has anyone even heard of this problem. It is a little scary. That means anyone in the enterprise could access the most critical data if this happened to them.
    LVL 3

    Accepted Solution

    yeah, scary.  How do you know that is not happening with other users and/or machines?  I would just re-image the machine to save time or in your case, give her a new one.

    have you tried to plug this particular machine at a different location?
    LVL 1

    Assisted Solution

    Have you checked the local users and groups on the machine?

    Perhaps she is part of the local administrators group on that machine which in turn is part of the domain admins group in AD.

    Have you tried another user on the same machine?

    LVL 2

    Assisted Solution

    Reintall the network card driver on this particular PC. and give a different IP to this PC. If it is DHCP then give a static IP to it.

    Author Comment

    I first tried the username on a new computer, and it worked as expected. I then copied over parts of her profile to the new machine (email, desktop, etc....) Then when I changed the computer name and IP to the original one, and put it in the same location, the problem occured - in the new machine.

    Then I deleted her account on AD and recreated it, and the problem still occured. Then I gave her the original machine, and created a brand new username which created a new profile, copied her old profile info into the new one, and she is good now. So thank you for your help. I guess it will remain a mystery. Maybe if someone else experiences this problem they can add to this case.

    Featured Post

    New My Cloud Pro Series - organize everything!

    With space to keep virtually everything, the My Cloud Pro Series offers your team the network storage to edit, save and share production files from anywhere with an internet connection. Compatible with both Mac and PC, you're able to protect your content regardless of OS.

    Join & Write a Comment

    I have written before on the benefits of using a Boot media other than your HDD when it has become infected.   The article I wrote about creating a bootable CD/DVD/USB ( was mainly concerned with building a UBCD4Win on CD …
    Having issues meeting security compliance criteria because of those pesky USB drives? Then I can help you! This article will explain how to disable USB Mass Storage devices in Windows Server 2008 R2.
    This video teaches viewers how to encrypt an external drive that requires a password to read and edit the drive. All tasks are done in Disk Utility. Plug in the external drive you wish to encrypt: Make sure all previous data on the drive has been …
    This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    13 Experts available now in Live!

    Get 1:1 Help Now