Solved

User able to access secure folder

Posted on 2014-03-07
3
220 Views
Last Modified: 2014-03-07
I have a user who can access a locked  down HR folder that is only accessible to 5 people.  She can only access from one particular machine.  If she logs in anywhere else she is denied access.  I have never heard of this before.  Anyone have any idea where the security expolit for this could be found.  Its only this one user our of 150 and only on this one computer.

It doesnt happen for anyone else on this computer so its just this one user on this one computer.
0
Comment
Question by:funkyone60
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 54

Expert Comment

by:McKnife
ID: 39913040
This is no exploit. By default, windows explorer uses saved credentials. I bet that on that machine there are credentials saved. Open credential management and delete those.
0
 

Author Comment

by:funkyone60
ID: 39913079
Who's saved credentials?  Out of 150 machines on our network- this is the only one where this happened? So to make sure I am understanding what you are saying- if one of the 5 people with access to that folder had logged into that machine- then their credentials would still be saved and valid in terms of folder access? And if this is what you are saying then every single machine that had been accessed by network administrator would show this same behavior- or any of the other 5 people.  Since we have roaming profiles and have had people at a number of different computers- this certainly would have happened more than once.  And to go a step further it should apply to anyone else that logs in to that computer- correct?
0
 
LVL 54

Accepted Solution

by:
McKnife earned 500 total points
ID: 39913115
No... I am talking about this: http://windows.microsoft.com/en-us/windows7/store-passwords-certificates-and-other-credentials-for-automatic-logon
Please note that the dialogue for credential saving can appear with any share usage where your own credentials are not sufficient.
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

FAQ pages provide a simple way for you to supply and for customers to find answers to the most common questions about your company. Here are six reasons why your company website should have a FAQ page
This article was originally published on Monitis Blog, you can check it here . Today it’s fairly well known that high-performing websites and applications bring in more visitors, higher SEO, and ultimately more sales. By the same token, downtime…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question