Solved

Domain user logs in with blank password

Posted on 2015-01-29
2
100 Views
Last Modified: 2015-06-24
I am trying to figure out what is going on. There is a domain user 'mgruser' in Active Directory. All the computers that are joined to the domain here at our store, get the ctrl-alt-del screen and login as username 'STVINCENTDEPAUL\mgr' and then no password in the password box. Then enter. They are able to log into the domain just fine.

I guess I'm wondering how this is done? Would this be done by a policy on these computers or is this a group policy? When I go to the 'profile' tab of the 'mgruser' in AD, there is a login script called 'SBS_LOGIN_SCRIPT.bat'. But for the life of me, I cannot locate this .bat file anywhere. I checked in the usual directory where login scripts are stored and found this hidden directory but there is not .bat file inside of it. C:\Windows\SYSVOL\domain\DO_NOT_REMOVE_NtFrs_PreInstall_Directory

I'm not sure where the 'SBS_LOGON_SCRIPT.bat' is located? These login credential of 'Mgr' and no password are used for all our POS workstations/registers.  

Thank you in advance!
0
Comment
Question by:Margaret Ausloos
2 Comments
 
LVL 77

Accepted Solution

by:
arnold earned 500 total points
ID: 40578182
\\domainname\netlogon is where the AD user login scripts are kept
sysvol is where the GPO's and their scripts are stored.

A login script is not what allows the user to login, it is run after a successful login.

Likely you have a GPO that altered the settings on systems to allow logins without a password.
Alternatively, the systems might be configured with auto-login option i.e. the username/password is stored in the registry HKLM\software\microsoft\windows NT\winlogon
0
 
LVL 10

Expert Comment

by:Maclean
ID: 40578351
This is very bad practice, and highly insecure which is probably very obvious. But you can set the password policy on group policy editor. There are various articles online giving guidance on how to configure PW policy such as the below random example which I googled.

http://www.grouppolicy.biz/2011/08/tutorial-how-to-setup-default-and-fine-grain-password-policy/

I would highly recommend avoiding blank PW logons, as any security auditors will have a field day if the company gets audited by investors eager to keep their business secured, but in the end its a business decision, so have a look at the url, and I hope it helps.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Ms azure 2 31
BGP routing on Windows 2016 7 55
Modifying Powershell and WMI to obtain disk, cpu, mem & IP data ? 5 58
Penetration Testing home based work 3 75
Transferring data across the virtual world became simpler but protecting it is becoming a real security challenge.  How to approach cyber security  in today's business world!
Is your computer hacked? learn how to detect and delete malware in your PC
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question