Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

SeInteractiveLogonRight and SeNetworkLogonRight

Posted on 2013-12-02
3
Medium Priority
?
1,532 Views
Last Modified: 2013-12-02
I am trying to risk assess which users can login to a windows server through RDP (mstsc.exe). I have a list of user righrs assignmentS for the servers local groups, two of them are called "SeInteractiveLogonRight and SeNetworkLogonRight" - are these the rights that allow users to remote onto the server using mstsc.exe? If not - what exactly are they?
0
Comment
Question by:pma111
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 3

Author Comment

by:pma111
ID: 39689693
Think I have found my own answer, i.e. SeRemoteInteractiveLogonRight is what you need to use RDP software.

What does "Access this Computer from the Network" actually mean? i.e. if every user in your network has this URA on say a windows 2003 file server, whats the risk?
0
 
LVL 56

Accepted Solution

by:
McKnife earned 2000 total points
ID: 39689834
Hi.

By default, no user may logon to a server via RDP, neither via interactive logon.
The privileges needed are SeRemoteInteractiveLogonRight  as you found out yourself ...together with SeInteractiveLogonRight however... can't be only one.

"Access this Computer from the Network" is held by every authenticated domain user by default. It is the same as SeNetworkLogonRight.
The logon type is called network logon and is used for accessing shares or other types of remote access like administrative things as we do remotely with the mmc.
0
 
LVL 56

Expert Comment

by:McKnife
ID: 39689837
About the risk: all dangerous things you can do remotely need remote administrative access in addition to that privilege. What can be done without admin rights is simply enumerating things that should not be of great concern. List shares, for example (not to be confused with listing the contents of the shares).
0

Featured Post

Q2 2017 - Latest Malware & Internet Attacks

WatchGuard’s Threat Lab is a group of dedicated threat researchers committed to helping you stay ahead of the bad guys by providing in-depth analysis of the top security threats to your network.  Check out our latest Quarterly Internet Security Report!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Ever notice how you can't use a new drive in Windows without having Windows assigning a Disk Signature?  Ever have a signature collision problem (especially with Virtual Machines?)  This article is intended to help you understand what's going on and…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question