tankman1989
Gawd
- Joined
- Aug 21, 2009
- Messages
- 588
I'm a little foggy about how to pose my question as some time has gone by since this issue. The OS was XP pro and we were running Server 2008 with AD. There was a piece of software one user said was required but this software needed admin rights to run. IIRC I tried to make the user a local admin but since logging onto the machine required logging into AD I think there was some issue with the software not working because the user wasn't an admin on the domain. Does this sound like it is probable?
The reason I'm asking is because there was issue with another machine on the network having it's password changed and then accessed after password change. Now I don't remember whether the accessed machine only had it's local password changed or if it was the domain password. It was very confusing at the time because at times the user wouldn't have network access so they logged in locally.
The point is, I'm trying to figure out if this security issue was related to the admin rights on the user with the "special" software.
At the time I knew whatever was happening was possible due to the admin rights issue but have forgotten exactly what was going on.
-If a user has local admin rights and general user domain account, is it possible to gain admin rights on a network PC either remotely or in person?
-If user has domain admin rights, could they remotely log into network PC and change local user password on the network PC?
The reason I'm asking is because there was issue with another machine on the network having it's password changed and then accessed after password change. Now I don't remember whether the accessed machine only had it's local password changed or if it was the domain password. It was very confusing at the time because at times the user wouldn't have network access so they logged in locally.
The point is, I'm trying to figure out if this security issue was related to the admin rights on the user with the "special" software.
At the time I knew whatever was happening was possible due to the admin rights issue but have forgotten exactly what was going on.
-If a user has local admin rights and general user domain account, is it possible to gain admin rights on a network PC either remotely or in person?
-If user has domain admin rights, could they remotely log into network PC and change local user password on the network PC?