Exetools  

#1  Cryo, 05-10-2017, 02:18
Quote:
Originally Posted by TmC
Is it possible, using the Windows suggestions, to log in as an Administrator on remote machines? In other words: does REMOTECOMPUTERNAME\username allow someone to remotely log in as a local user on the remote machine? If so, what would the user be able to do? Would he be able to access the files in a network folder on the remote computer, bypassing the Domain Controller authentication, since he is seen as a local user?
Let's say we have a system that's set up like so:

Code:
Workstation 1:
    Domain:    ACME
    Hostname:  LOCALWIN
    Users:     Administrator, Bob, Alice
And that the system allows for members of the Domain Users group to log in to it.

If the domain policies (GPO, etc.) didn't forbid logging in via RDP, then I would be able to log in to the remote system from my own system using the accounts LOCALWIN\Administrator, LOCALWIN\Bob, and LOCALWIN\Alice, as well as with accounts such as ACME\Steve. The account that I log in as would have the same level of access as it would if I had logged in while physically sitting at that system, for the most part.
#2  Kerlingen, 05-10-2017, 16:49
Renaming the local admin account is only useful if somebody has no possibility to bypass the "enter username/password" dialog and would need to guess both. If a user can log in with a local or domain account, he can list all local accounts of the computer he's working on. There is no way to prevent that.

If two computers have a local account with the same username/password combination and one of them accesses the other over the network, Windows will test the current login credentials before even asking for a username/password for the remote computer. There are some small annoyances like losing your elevation status when you access remote network shares from an admin account, but since you have admin rights you can just elevate again.

So if all computers share the same admin username/password, of course anybody who knows that information can log in on those computers.

Accessing "network folders" is of course something else. A local admin has only local rights. Unless you have important data stored on workstations or use the same username/password for the domain admin, accessing server data will only work with a valid domain account.

A bad person could use the local admin to install some spyware which waits until a user with valid domain credentials logs in and accesses server data that way.

I really hope you are just a concerned employee and not the person responsible for the security of the network. ;-)
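Added example, not part of the thread: both posts turn on the difference between a machine-local account (LOCALWIN\Administrator) and a domain account (ACME\Steve), and on the same local admin credentials working on several computers. The Python below shows how a defender can spot that pattern in successful-logon records (Windows Security event 4624): a local account is one whose logon domain equals the target machine's own name, and one source using the same local account name on several machines points to shared credentials. The event dictionaries, the host LOCALWIN2, the acme.example suffix and the IP addresses are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample records using field names from Windows Security event 4624
# (successful logon). LOCALWIN, ACME and the user names come from the thread;
# LOCALWIN2, the acme.example suffix and the IP addresses are made up.
SAMPLE_EVENTS = [
    {"EventID": 4624, "Computer": "LOCALWIN.acme.example", "TargetDomainName": "LOCALWIN",
     "TargetUserName": "Administrator", "LogonType": 10, "IpAddress": "10.0.0.50"},
    {"EventID": 4624, "Computer": "LOCALWIN2.acme.example", "TargetDomainName": "LOCALWIN2",
     "TargetUserName": "administrator", "LogonType": 3, "IpAddress": "10.0.0.50"},
    {"EventID": 4624, "Computer": "LOCALWIN.acme.example", "TargetDomainName": "ACME",
     "TargetUserName": "Steve", "LogonType": 10, "IpAddress": "10.0.0.51"},
    {"EventID": 4624, "Computer": "LOCALWIN.acme.example", "TargetDomainName": "LOCALWIN",
     "TargetUserName": "Bob", "LogonType": 2, "IpAddress": "127.0.0.1"},
    {"EventID": 4624, "Computer": "LOCALWIN.acme.example", "TargetDomainName": "LOCALWIN",
     "TargetUserName": "Bob", "LogonType": 3, "IpAddress": "10.0.0.60"},
]

REMOTE_LOGON_TYPES = {3, 10}  # 3 = network (e.g. file share), 10 = RemoteInteractive (RDP)

def netbios(name):
    """Reduce 'LOCALWIN.acme.example' or 'localwin' to 'LOCALWIN' for comparison."""
    return name.split(".")[0].upper()

def is_local_account_logon(ev):
    """A local account logs on with the machine's own name as its domain."""
    return netbios(ev["TargetDomainName"]) == netbios(ev["Computer"])

def remote_local_logons(events):
    """Successful remote logons (network or RDP) that used a machine-local account."""
    return [ev for ev in events
            if ev["EventID"] == 4624
            and ev["LogonType"] in REMOTE_LOGON_TYPES
            and is_local_account_logon(ev)]

def shared_local_account_use(events, min_hosts=2):
    """Map (source IP, account name) -> hosts, where one source used the same
    local account name on at least min_hosts different machines."""
    hosts = defaultdict(set)
    for ev in remote_local_logons(events):
        hosts[(ev["IpAddress"], ev["TargetUserName"].lower())].add(netbios(ev["Computer"]))
    return {key: sorted(h) for key, h in hosts.items() if len(h) >= min_hosts}

if __name__ == "__main__":
    for (src, user), machines in shared_local_account_use(SAMPLE_EVENTS).items():
        print(f"{src} used local account '{user}' on {', '.join(machines)}")
```

The ACME\Steve logon and Bob's console logon (type 2) are ignored; only remote logons with a machine-local account are counted.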