Expiring Today—Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

RDP login to SBS 2008 Std with invalid domain name

Posted on 2010-08-20
5
Medium Priority
?
603 Views
Last Modified: 2013-11-21
Hi Guru's !

II found out strange configuration on SBS 2008 Std. It is security issue.

Beleve or not but I  can RDP login to SBS 2008 with INVALID domain name.


Does anyone have experiences about that.


Thanks



0
Comment
Question by:Vojko Divjak
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 8

Expert Comment

by:Wikkard
ID: 33483337
Are your server in a domain ? If not then the local machine accounts would always be used for authentication I believe.
0
 
LVL 4

Expert Comment

by:ebooyens
ID: 33483358
so are you using "invaliddomain\user" where user is a valid user and you use a valid password and it then logs on?  If so the RDP client may just be passing the username and password and not domain.  Why are you concerned about this?  RDP should not be open to the internet and only on the LAN, in which case anyone who can get on your LAN can probably figure out what your real domain is anyway.  As long as your passwords are complex and changed on a schedule that should be secure enough.
0
 

Author Comment

by:Vojko Divjak
ID: 33483739
Ok. But I noticed tihis behavior only on SBS 2008. On 2008 Std and 2008 R2 and you know on all releases of 2003 it works fine.

I agree RDP port should be closed to internet.

Everything started when one of my customer wanted to see all connections on exchange server with his Miobile Phone. I saw that his phone using wrong (read old) domain name and he gets mail without any problems.


0
 
LVL 4

Accepted Solution

by:
ebooyens earned 2000 total points
ID: 33483763
Yeah that is strange.  Sounds like a bug to me.  I don't have any thoughts on fixing this sorry other than just making sure your server is fully patched.
0
 

Author Comment

by:Vojko Divjak
ID: 33483821
It is strange, yes. That's whay a was started to digging.
My server is fully pached, of course :)

Thanks
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The articles for turning off the Client firewall policy on the internet are for SBS 2008 and don't really help for SBS 2011. They actually moved the Client firewall policy. In 2011, the client firewall policy has moved to the SBS computers conta…
You may have discovered the 'Compatibility View Settings' workaround for making your SBS 2008 Remote Web Workplace 'connect to a computer' section stops 'working around' after a Windows 10 client upgrade.  That can be fixed so it 'works around' agai…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question