Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Windows 2003 security issue

Posted on 2008-06-23
11
Medium Priority
?
180 Views
Last Modified: 2013-12-04
After a new installation of Windows server 2003 (first Domain Controller) I have shared a few folders with different user rights. Everityng is working fine. All domain users have aceess to the folders that they suppose to have. But when I got connected a laptop to my wireless part of the network and this laptop is not part of this domain, and login to this laptop with any local username. I'm able to browse to all shared folders on my server. Any idea why is this and how to preven it.
Thanks for the help!  
0
Comment
Question by:tombbonb
11 Comments
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 21849293
Do you have the guest or Anonymous logon granting any access?
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21849334
If the shares on the server are granted access for the Guest or Anonymous accounts, then that will be one problem.

If the laptop has a local user account which happens to have exactly the same username and password as one of the domain user accounts, that will automatically grant the laptop access.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 21849460
TigerMatt,

That is the first time I have ever heard that you can do that since Security Identifier (SID) are created for every account even if the account has the same name it will still get a different SID for domain or local accounts.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 58

Expert Comment

by:tigermatt
ID: 21849567
Yes - the method of same user account on two workstations/networks is a widely publicised method for doing auto-login between two separate computer systems. Surprisingly, it works very well.

It's commonly used for peer-to-peer networks where each workstation has the same user accounts and passwords, but works with servers and laptops/PCs not on the domain just as well.
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 21849681
Now I vaguely remember this might be available in peer to peer but not domain environment. Do you have any documentation that I could look over to get familiar with this?
0
 
LVL 58

Expert Comment

by:tigermatt
ID: 21849695
I've used it in domain environments before, so I know it can be done :-)
I can't find any docs to say this - I'll check again but a quick search didn't turn anything up. I think it's just a case of one of those things you just "know" it can be done, once you've done it yourself. I don't even know if Microsoft publicise it themselves...
0
 
LVL 59

Expert Comment

by:Darius Ghassem
ID: 22102612
I think the points need to be split.
0
 
LVL 27

Expert Comment

by:Tolomir
ID: 22103355
Well actually I'm waiting for the confirmation that it can be done.

0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 22226342
PAQed with no points refunded (of 500)

Computer101
EE Admin
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question