I am trying to do some risk assessment work on folder permissions on an admin share on a windows 2008 server. The share permissions are - admin share, but on the directory permissions builtin\users have access to some folders on the servers local C drive. As its an admin share, then remotely mapping the share and getting access to the files that way is out the equation. And the server is a secure room so them manually logging onto the server is very, very unlikely.
I appreciate you can RDP onto a server, but I think local security policy or user rights assignments determine which users and groups could do this.
So... if its an admin share, local security options/user rights assignments don't let basic users (builtin\users) RDP, and the server is physically secure - is there any other way a user can achieve "local" login to the server to access those files?