Solved

Windows 2003 security issue

Posted on 2008-06-23
11
162 Views
Last Modified: 2013-12-04
After a new installation of Windows server 2003 (first Domain Controller) I have shared a few folders with different user rights. Everityng is working fine. All domain users have aceess to the folders that they suppose to have. But when I got connected a laptop to my wireless part of the network and this laptop is not part of this domain, and login to this laptop with any local username. I'm able to browse to all shared folders on my server. Any idea why is this and how to preven it.
Thanks for the help!  
0
Comment
Question by:tombbonb
11 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 21849293
Do you have the guest or Anonymous logon granting any access?
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21849334
If the shares on the server are granted access for the Guest or Anonymous accounts, then that will be one problem.

If the laptop has a local user account which happens to have exactly the same username and password as one of the domain user accounts, that will automatically grant the laptop access.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 21849460
TigerMatt,

That is the first time I have ever heard that you can do that since Security Identifier (SID) are created for every account even if the account has the same name it will still get a different SID for domain or local accounts.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 58

Expert Comment

by:tigermatt
ID: 21849567
Yes - the method of same user account on two workstations/networks is a widely publicised method for doing auto-login between two separate computer systems. Surprisingly, it works very well.

It's commonly used for peer-to-peer networks where each workstation has the same user accounts and passwords, but works with servers and laptops/PCs not on the domain just as well.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 21849681
Now I vaguely remember this might be available in peer to peer but not domain environment. Do you have any documentation that I could look over to get familiar with this?
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21849695
I've used it in domain environments before, so I know it can be done :-)
I can't find any docs to say this - I'll check again but a quick search didn't turn anything up. I think it's just a case of one of those things you just "know" it can be done, once you've done it yourself. I don't even know if Microsoft publicise it themselves...
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 22102612
I think the points need to be split.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 22103355
Well actually I'm waiting for the confirmation that it can be done.

0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 22226342
PAQed with no points refunded (of 500)

Computer101
EE Admin
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
shadow copies 7 80
What is this Task? 4 129
Disable SSLv3.0/TLSv1.0 - Windows 2012R2 3 45
Recreating Server 2003 user accounts in Server 2016 9 73
In a recent article here at Experts Exchange (http://www.experts-exchange.com/articles/18880/PaperPort-14-in-Windows-10-A-First-Look.html), I discussed my nine-month sandbox testing of the Windows 10 Technical Preview, specifically with respect to r…
OfficeMate Freezes on login or does not load after login credentials are input.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

789 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question