Domain user logs in with blank password

Posted on 2015-01-29
Last Modified: 2015-06-24
I am trying to figure out what is going on. There is a domain user 'mgruser' in Active Directory. All the computers that are joined to the domain here at our store get the Ctrl-Alt-Del screen and log in as username 'STVINCENTDEPAUL\mgr' and then no password in the password box. Then Enter. They are able to log into the domain just fine.

I guess I'm wondering how this is done? Would this be done by a policy on these computers or is this a group policy? When I go to the 'profile' tab of the 'mgruser' in AD, there is a login script called 'SBS_LOGIN_SCRIPT.bat'. But for the life of me, I cannot locate this .bat file anywhere. I checked in the usual directory where login scripts are stored and found this hidden directory, but there is no .bat file inside of it: C:\Windows\SYSVOL\domain\DO_NOT_REMOVE_NtFrs_PreInstall_Directory

I'm not sure where the 'SBS_LOGON_SCRIPT.bat' is located? These login credentials of 'Mgr' and no password are used for all our POS workstations/registers.

Thank you in advance!
0
Question by:Margaret Ausloos
2 Comments
 

Accepted Solution

by:
arnold earned 2000 total points
ID: 40578182
\\domainname\netlogon is where the AD user login scripts are kept.
Sysvol is where the GPOs and their scripts are stored.

A login script is not what allows the user to login, it is run after a successful login.

Likely you have a GPO that altered the settings on systems to allow logins without a password.
Alternatively, the systems might be configured with the auto-login option, i.e. the username/password is stored in the registry HKLM\software\microsoft\windows NT\winlogon
0
 

Expert Comment

by:Maclean
ID: 40578351
This is very bad practice and highly insecure, which is probably very obvious. But you can set the password policy in the Group Policy editor. There are various articles online giving guidance on how to configure PW policy, such as the below random example which I googled.

http://www.grouppolicy.biz/2011/08/tutorial-how-to-setup-default-and-fine-grain-password-policy/

I would highly recommend avoiding blank PW logons, as any security auditors will have a field day if the company gets audited by investors eager to keep their business secured, but in the end it's a business decision, so have a look at the URL, and I hope it helps.
0
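
The two explanations in the accepted answer (stored autologon credentials, or settings that permit an empty password) and the password policy raised in the comment can be checked directly. The read-only PowerShell below is an added example, not code from the thread; it assumes the RSAT ActiveDirectory module is installed, uses the full Winlogon key path (HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon), and its `$Account` default of 'mgr' is a placeholder for the account name actually typed at the logon screen.

```powershell
# Added audit example; read-only. Needs the RSAT ActiveDirectory module.
# 'mgr' is a placeholder: pass the account name actually typed at the logon screen.
param([string]$Account = 'mgr')

# 1. Autologon: the values Winlogon uses when AutoAdminLogon is "1".
$wl = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon'
[pscustomobject]@{
    Check              = 'Winlogon autologon (this PC)'
    AutoAdminLogon     = $wl.AutoAdminLogon
    DefaultDomainName  = $wl.DefaultDomainName
    DefaultUserName    = $wl.DefaultUserName
    # Report presence only, never the stored value.
    DefaultPasswordSet = [bool]$wl.PSObject.Properties['DefaultPassword']
} | Format-List

# 2. The account: with PasswordNotRequired (PASSWD_NOTREQD) set, it can hold a
#    blank password regardless of the minimum length in the password policy.
Import-Module ActiveDirectory
$u = Get-ADUser -Identity $Account -Properties PasswordNotRequired, PasswordLastSet, ScriptPath

# 3. The policy that applies: a fine-grained policy wins over the domain default.
$default = Get-ADDefaultDomainPasswordPolicy
$fine    = Get-ADUserResultantPasswordPolicy -Identity $Account   # $null if none applies
$minLen  = if ($fine) { $fine.MinPasswordLength } else { $default.MinPasswordLength }

# 4. The logon script named on the Profile tab is resolved relative to NETLOGON.
$script = if ($u.ScriptPath) { "\\$($env:USERDNSDOMAIN)\NETLOGON\$($u.ScriptPath)" }

[pscustomobject]@{
    Check               = "AD account '$Account'"
    Enabled             = $u.Enabled
    PasswordNotRequired = $u.PasswordNotRequired
    PasswordLastSet     = $u.PasswordLastSet
    MinPasswordLength   = $minLen
    PolicySource        = if ($fine) { $fine.Name } else { 'domain default' }
    # True when either the account flag or the policy allows an empty password.
    BlankPossible       = $u.PasswordNotRequired -or ($minLen -eq 0)
    LogonScript         = $script
    LogonScriptExists   = if ($script) { Test-Path -LiteralPath $script } else { $false }
} | Format-List
```

If BlankPossible is True, the account flag or the effective policy allows an empty password; if AutoAdminLogon is 1, the workstation is logging on with stored credentials instead.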


Question has a verified solution.
