Q

Why do Win2k servers allow any domain user to log onto them?

We have noticed that all of the Windows 2000 servers in our domain, with exception to the domain controllers, allow any domain user to log onto them. This is a security issue in our eyes. Is this a Microsoft flaw?
You can configure Windows 2000 server to allow or deny any user right, including "log on locally." Set it in the default domain controller policy. I agree, allowing users to sit at a console and log onto it is not good for server security.
This was first published in June 2003

Dig deeper on User passwords and network permissions

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchVirtualDesktop

SearchWindowsServer

SearchExchange

Close