|
Posted by <Centra on April 23, 2006, 7:22 am
Please log in for more thread options Thanks for the advice Roger,
The machine may well have sessions to this server under another account. It
is actually the IT manager who wants to be able to access admin shares every
now and again and was wondering why he couldn't. He has multiple connections
to all his servers and also multiple RDP sessions. I might advise trying
from another machine with no other sessions to try and pin the problem down
further. Meanwhile I will advise just using specific shares.
Cheers
Rich
>
>> Hi,
>>
>> Quick question, we have removed all users from the administrators/ domain
>> admin groups for security reasons. However one side affect of this has
>> been
>> that we can no longer brows to unc admin shares eg: \server1\c$ even
>> when
>> we use the administrator username and password and with the domain prefix
>> eg: domain\administrator as the user when prompted for an authorised
>> user.
>>
>> Does anybody know if this is standard behaviour and if it is is there a
>> way
>> round it? Or is is down to s Group policy setting that we may have added
>> in
>> the past for example?
>>
>
> This is not standard behavior if the Administrator account is not
> renamed, disabled, denied/not-granted network logon, and if the
> account attempting the mapping does not already have a session
> with the same server.
>
> I have to wonder - since you have removed the excessive grant
> for security reasons, why are you now trying to defeat a part of
> that heightened protection? It would make much more sense to
> assess to what it is that Users actually does need access and then
> to share that out for the Users.
>
>
>
| 
XML Sitemap