Bug in WTS 4.0 on WinNT 4.0 sp4

From: mRm3n4c3 (mistrat_private)
Date: Tue Jun 08 1999 - 16:07:04 PDT


    I have recently encountered what I believe to be a bug in NT security when using
    Windows Terminal Server 4.0 on NT 4.00.1381 (Service Pack 4).
    
    The problem occurred in an environment with 2 WTS servers using Metaframe and running a
    load-balancing service, two file/print servers also running Oracle databases and one
    name server set to be PDC.
    
    The users' home directories containing WTS/NT profiles are located on the PDC.
    
    If you log on to the WTS and type the wrong password more than three times, then your
    account gets locked out. BUT, if you choose to continue trying anyway, and after some
    time manage to type in the correct password, the WTS will let you log on as an
    'anonymous user' account, using either a locally stored profile or a default profile.
    
    This is because the PDC denies access to the homedir. The funny thing is, you have
    no access to the PDC, which only replies with 'your account is locked out', but the WTS
    ignores this and lets you browse the network, map up locally shared drives/catalogues,
    run command.com / cmd.exe or regedit/regedt32. I have not found out what kind of
    access the user has at this point, but more than he/she should anyways...
    
    Now, the user in this example was set up like this in usermgr:
    
    Homedir path \\nt40pdc\usernameshare$
    No terminal homedir
    Allow logon, no timeouts.
    
    This means two severe problems:
    If the user's profile is unavailable for some reason, the user is logged on anyway.
    The 'account locked out' function does not work on WTS
    
    Well, this should be something to work on,
    happy hunting!
    
    (][mistr][)
    (][there is no spoon][)
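
A detection sketch for the two conditions reported above, added here as an example and not part of the original post: it flags terminal-server logons accepted while the account is still locked out, and logons that fell back to a local or default profile. The record layout, the event kind names and the host name `wts1` are assumptions made for illustration; `nt40pdc` is the PDC name from the post.

```python
from datetime import datetime

# Constructed sample records: (time, host, kind, account, profile).
# The layout and the host "wts1" are assumptions, not a real NT event log format.
SAMPLE_EVENTS = [
    ("1999-06-08 09:00:01", "wts1", "LOGON_FAILED", "alice", None),
    ("1999-06-08 09:00:15", "wts1", "LOGON_FAILED", "alice", None),
    ("1999-06-08 09:00:40", "wts1", "LOGON_FAILED", "alice", None),
    ("1999-06-08 09:00:41", "nt40pdc", "ACCOUNT_LOCKED", "alice", None),
    ("1999-06-08 09:05:12", "wts1", "LOGON_OK", "alice", "default"),
    ("1999-06-08 08:00:00", "nt40pdc", "ACCOUNT_LOCKED", "bob", None),
    ("1999-06-08 08:30:00", "nt40pdc", "ACCOUNT_UNLOCKED", "bob", None),
    ("1999-06-08 08:45:00", "wts1", "LOGON_OK", "bob", "roaming"),
    ("1999-06-08 10:00:00", "wts1", "LOGON_OK", "carol", "local"),
]


def _when(stamp):
    """Parse the constructed timestamp format used in SAMPLE_EVENTS."""
    return datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")


def find_suspect_logons(events, terminal_servers):
    """Return (time, host, account, reasons) for terminal-server logons worth reviewing."""
    locked_since = {}  # account -> time the lockout was recorded
    findings = []
    # Process in time order so lock/unlock state is correct at each logon.
    for stamp, host, kind, account, profile in sorted(events, key=lambda e: _when(e[0])):
        if kind == "ACCOUNT_LOCKED":
            locked_since[account] = stamp
        elif kind == "ACCOUNT_UNLOCKED":
            locked_since.pop(account, None)
        elif kind == "LOGON_OK" and host in terminal_servers:
            reasons = []
            if account in locked_since:
                reasons.append("logon accepted while locked out since " + locked_since[account])
            if profile in ("local", "default"):
                reasons.append("fell back to " + profile + " profile")
            if reasons:
                findings.append((stamp, host, account, reasons))
    return findings


if __name__ == "__main__":
    for stamp, host, account, reasons in find_suspect_logons(SAMPLE_EVENTS, {"wts1"}):
        print(stamp, host, account, "; ".join(reasons))
```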
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:48:32 PDT