Solved

Delete user account that can be logged on to locally giving admin rights

Posted on 2008-10-23
3
190 Views
Last Modified: 2013-12-04
Hi Y'all,
On the network I look after, a lot of PCs have been identified as having a user account that can be logged on to locally giving full admin access to the machine thus bypassing all security measures in place.
I can get rid of this by logging on to the machine as an administrator and deleting the admin rights from the user. This solves the problem but with 600 PCs on the newtork, can anyone point me at a quick solution/script etc that will do the biz?
Ta.
0
Comment
Question by:prytaneion
3 Comments
 
LVL 2

Accepted Solution

by:
armynt4 earned 500 total points
ID: 22789870
I don't have the script handy... BUT... if you are running a Windows Server 2000 + domain...you could create a logon script that would delete the local account or change rights to the account when the computer or user logs onto the domain.  Just add it to the domain users via a GPO.  Let this run on the network for at least a week.  You can then run MSBA from microsoft.com to get reports on all machines and their respective accounts/rights, local and otherwise.

Probably the easiest way to do it.
0
 
LVL 38

Expert Comment

by:Shift-3
ID: 22789894
0
 

Author Closing Comment

by:prytaneion
ID: 31509380
Hi Armyn,
Thanks for the tip - looks good to me. Have accepted your solution but would appreciate the script if you could spare me the time. I've not dabbled too much with this!
Best regards,
Alan.
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Our Group Policy work started with Small Business Server in 2000. Microsoft gave us an excellent OU and GPO model in subsequent SBS editions that utilized WMI filters, OU linking, and VBS scripts. These are some of experiences plus our spending a lo…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now