| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 35184 | 2003-07-04 10:03:00 | Win 2k "Administrator" still has restrictions | somebody (208) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 157452 | 2003-07-04 10:03:00 | A friend of mine is the system administrator for his workplace. However, someone has tampered with a Win2k machine, so when he logs on as "Administrator" (into the central server), he still has restrictions put on him (eg. no access to control panel). That is an isolated case, on that particular machine only. Any ideas? |
somebody (208) | ||
| 157453 | 2003-07-04 10:10:00 | If he can: Right-Click on My Computer Click Manage Click Local Users and Groups Click Users Make a new user in here, dont forget to right-click on that new user afterwards and choose Properties, make them an Administrator, and remove the User group Reboot and login as this new user Get into the User Accounts place going through the same steps you just took, only right-click on the Administrator account. Delete it and then Re-Create it! That should reset any settings that arent caused by a 3rd party app that's running on the PC that would be affecting it! Lemme know how you get on Cheers Chill. |
Chilling_Silently (228) | ||
| 157454 | 2003-07-04 10:15:00 | The problem happens when he logs onto the company domain, not just the local machine. I'm unsure what happens when he tries to log on to the local machine. As the machine has no actual important information, I think he'll just reinstall windows (from a drive image), in case someone has put something else dodgy on there as well. Thanks for your help anyway, and I'll pass your suggestions on to him when I see him next time. |
somebody (208) | ||
| 157455 | 2003-07-04 11:38:00 | My bet is the particular machines Group policies have been messed with. You would want to log into the machine locally, as Administrator. Not just one with Admin access. Now -> Run -> Gpedit.msc. You would want to check out the security settings. Its very easy to stop prying admins from accessing a machine on the network. :) Suggestion, the users using the network should only be Power Users, then its a little more difficult for them to do stuff. |
PoWa (203) | ||
| 157456 | 2003-07-05 04:18:00 | There is someone in his workplace who should be looking for a new job. Your friend should try "lockdown w2k server" in google. There's a selectiion of good links to help her to get the securiity fixed. There's even a free downloadable book to get from Microsoft. |
Graham L (2) | ||
| 157457 | 2003-07-05 05:12:00 | He is the only user in the company with Admin rights. Everyone is standard user logon rights - restrictions for almost everything. As far as I know, nobody has Power User rights either. |
somebody (208) | ||
| 157458 | 2003-07-05 07:25:00 | Maybe someone extracted the SAM password hashes and bruteforced the admin password :) | PoWa (203) | ||
| 157459 | 2003-07-06 04:51:00 | If someone changed the rights on one machine, there is more than one person with administrator privilege. No ordinary user should have that. Lock it down. (But have a copy of the Adminstrator password (and the password recovery floppy) in a sealed envelope in a safe place in case your friend has an accident). |
Graham L (2) | ||
| 157460 | 2003-07-06 04:55:00 | It's probably some kind of cracker's software I suspect. I think he'll probably choose the easy way out (reformat and reinstall), then find out a way to lockdown the computer and prevent it happening again. | somebody (208) | ||
| 157461 | 2003-07-06 21:23:00 | What if he makes a new user on the domain server with administrator rights and then logs on to the rogue PC with that new user name? | CYaBro (73) | ||
| 1 2 | |||||