Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

User able to access secure folder

Posted on 2014-03-07
3
Medium Priority
?
242 Views
Last Modified: 2014-03-07
I have a user who can access a locked  down HR folder that is only accessible to 5 people.  She can only access from one particular machine.  If she logs in anywhere else she is denied access.  I have never heard of this before.  Anyone have any idea where the security expolit for this could be found.  Its only this one user our of 150 and only on this one computer.

It doesnt happen for anyone else on this computer so its just this one user on this one computer.
0
Comment
Question by:funkyone60
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 56

Expert Comment

by:McKnife
ID: 39913040
This is no exploit. By default, windows explorer uses saved credentials. I bet that on that machine there are credentials saved. Open credential management and delete those.
0
 

Author Comment

by:funkyone60
ID: 39913079
Who's saved credentials?  Out of 150 machines on our network- this is the only one where this happened? So to make sure I am understanding what you are saying- if one of the 5 people with access to that folder had logged into that machine- then their credentials would still be saved and valid in terms of folder access? And if this is what you are saying then every single machine that had been accessed by network administrator would show this same behavior- or any of the other 5 people.  Since we have roaming profiles and have had people at a number of different computers- this certainly would have happened more than once.  And to go a step further it should apply to anyone else that logs in to that computer- correct?
0
 
LVL 56

Accepted Solution

by:
McKnife earned 2000 total points
ID: 39913115
No... I am talking about this: http://windows.microsoft.com/en-us/windows7/store-passwords-certificates-and-other-credentials-for-automatic-logon
Please note that the dialogue for credential saving can appear with any share usage where your own credentials are not sufficient.
0

Featured Post

Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article was originally published on Monitis Blog, you can check it here . Today it’s fairly well known that high-performing websites and applications bring in more visitors, higher SEO, and ultimately more sales. By the same token, downtime…
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question