Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Microsoft
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Preventing multiple logins in 2003

from [Martin Mewes] Network Security [Permanent Link]
Subject: Re: Preventing multiple logins in 2003
Date: Fri, 28 Jan 2005 08:14:03 +0100 
Hi Ian,

Ian Turnbull <ian.turnbull@mpsgi.com> wrote :


It has been noted that some of our user base are allowing other
members of staff to login using their user account. We are currently
in the process of moving to a fully functional 2003 domain and I
would like to disable concurrent logons via group policy. Any
suggestions?


We had the same problem here and did not come to any conclusions.
For now we have written a little logon script which writes a lock into 
the $home of the user like this ...

:test
if not exist \\path\logged.in goto login
logout.exe

:login
echo lock > \\path\logged.in
...

... together with a logout script which deletes the lock. Anyway from 
time to time we run into trouble if a users machine has a blue screen 
or something so tha admin has to delete the lock manually.

We thought about locking the user to a collection of single machine 
(which is possible since NT4) but not sure if this really helps.

bis dahin/kind regards
   
Martin Mewes
   
-- 
The e-mail server is unable to verify your server connection and
is unable to deliver this message. Please restart your computer and
try sending again.  (The beauty of it is that when I return, I can
see how many in-duh-viduals did this over and over)  

---------------------------------------------------------------------------
---------------------------------------------------------------------------
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Users "bypassing" Group Policy restrictions, Seyberth, Allan CIV BDQT
Next by Date:  RE: RESPONSE: Users "bypassing" Group Policy restrictions, Laura A. Robinson
Previous by Thread:  Preventing multiple logins in 2003, Ian Turnbull
Next by Thread:  RE: Preventing multiple logins in 2003, dave kleiman
Indexes:  [Date] [Thread] [Top] [All Lists]