<div>
Think I have found my own answer, i.e. SeRemoteInteractiveLogonRi<wbr />ght is what you need to use RDP software. <br />
<br />
What does &quot;Access this Computer from the Network&quot; actually mean? i.e. if every user in your network has this URA on say a windows 2003 file server, whats the risk?
</div>


Think I have found my own answer, i.e. SeRemoteInteractiveLogonRight is what you need to use RDP software.

What does "Access this Computer from the Network" actually mean? i.e. if every user in your network has this URA on say a windows 2003 file server, whats the risk?

<div>
About the risk: all dangerous things you can do remotely need remote administrative access in addition to that privilege. What can be done without admin rights is simply enumerating things that should not be of great concern. List shares, for example (not to be confused with listing the contents of the shares).
</div>


About the risk: all dangerous things you can do remotely need remote administrative access in addition to that privilege. What can be done without admin rights is simply enumerating things that should not be of great concern. List shares, for example (not to be confused with listing the contents of the shares).

<div>
<div class="content wysiwyg-content">
I am trying to risk assess which users can login to a windows server through RDP (mstsc.exe). I have a list of user righrs assignmentS for the servers local groups, two of them are called &quot;SeInteractiveLogonRight and SeNetworkLogonRight&quot; - are these the rights that allow users to remote onto the server using mstsc.exe? If not - what exactly are they?
</div>
</div>


I am trying to risk assess which users can login to a windows server through RDP (mstsc.exe). I have a list of user righrs assignmentS for the servers local groups, two of them are called "SeInteractiveLogonRight and SeNetworkLogonRight" - are these the rights that allow users to remote onto the server using mstsc.exe? If not - what exactly are they?

SeInteractiveLogonRight and SeNetworkLogonRight

The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.

Microsoft Server OS

The Microsoft Legacy Operating System topic includes legacy versions of Microsoft operating systems prior to Windows 2000: All versions of MS-DOS and other versions developed for specific manufacturers and Windows 3/3.1, Windows 95 and Windows 98, plus any other Windows-related versions, and Windows Mobile.

Microsoft Legacy OS

Operating system security (OS security) is the process of ensuring OS integrity, confidentiality and availability. OS security refers to specified steps or measures used to protect the OS from threats, viruses, worms, malware or remote hacker intrusions. OS security encompasses all preventive-control techniques, which safeguard any computer assets capable of being stolen, edited or deleted if OS security is compromised, including authentication, passwords and threats to systems and programs.