Solved

RDP login to SBS 2008 Std with invalid domain name

Posted on 2010-08-20
5
599 Views
Last Modified: 2013-11-21
Hi Guru's !

II found out strange configuration on SBS 2008 Std. It is security issue.

Beleve or not but I  can RDP login to SBS 2008 with INVALID domain name.


Does anyone have experiences about that.


Thanks



0
Comment
Question by:Vojko Divjak
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 8

Expert Comment

by:Wikkard
ID: 33483337
Are your server in a domain ? If not then the local machine accounts would always be used for authentication I believe.
0
 
LVL 4

Expert Comment

by:ebooyens
ID: 33483358
so are you using "invaliddomain\user" where user is a valid user and you use a valid password and it then logs on?  If so the RDP client may just be passing the username and password and not domain.  Why are you concerned about this?  RDP should not be open to the internet and only on the LAN, in which case anyone who can get on your LAN can probably figure out what your real domain is anyway.  As long as your passwords are complex and changed on a schedule that should be secure enough.
0
 

Author Comment

by:Vojko Divjak
ID: 33483739
Ok. But I noticed tihis behavior only on SBS 2008. On 2008 Std and 2008 R2 and you know on all releases of 2003 it works fine.

I agree RDP port should be closed to internet.

Everything started when one of my customer wanted to see all connections on exchange server with his Miobile Phone. I saw that his phone using wrong (read old) domain name and he gets mail without any problems.


0
 
LVL 4

Accepted Solution

by:
ebooyens earned 500 total points
ID: 33483763
Yeah that is strange.  Sounds like a bug to me.  I don't have any thoughts on fixing this sorry other than just making sure your server is fully patched.
0
 

Author Comment

by:Vojko Divjak
ID: 33483821
It is strange, yes. That's whay a was started to digging.
My server is fully pached, of course :)

Thanks
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Remote Apps is a feature in server 2008 which allows users to run applications off Remote Desktop Servers without having to log into them to run the applications.  The user can either have a desktop shortcut installed or go through the web portal to…
If you are a user of the discontinued Microsoft Office Accounting 2008 (MSOA) and have to move to a new computer running Windows 8, you will be unhappy to discover that it won't install.  In particular, Microsoft SQL Server 2005 Express Edition (SSE…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question