Brad Pears wrote:
> *I created a local "restricted" account on one of our Windwos XP Pro
> SP2
> machines using the admin account. I then discovered later that that
> user had
> somehow been given "administrator" rights on that machine.
>
> Upon further investigation, I discovered that if you log on to an XP
> machine
> using a "restricted" account, you can simply go into users and groups
> and
> give your self "administrative" rights...
>
> How can this be?? Does this not sound just WRONG to anyone?? Am I
> missing
> something here??
>
> What account should I be using to ensure that the user logging on can
> not
> change their account type?? (we are using the CTRL/ALT/DEL method
> of
> logging on - not the "easy" log on screen...
>
> Thanks,
>
> Brad *
Hi
You did remember to password protect the safe mode admin account?? If
you didn't all he had to do was boot into safe mode & log into the
built in admin account there & change his own account to admin, then
log out & boot up normally & log into his own account complete with
admin rights.
You need to check the safe mode admin account has a password set (by
default, it doesn,t).
Regards
CReWdog
--
CReWdog
------------------------------------------------------------------------
Posted via
http://www.mcse.ms
------------------------------------------------------------------------
View this thread:
http://www.mcse.ms/message1836562.html
FAQ
Search
Profile
Private Messages
Log in
Windows XP