T
Thomas M.
My employer has undertaken a project to get all of our users running with
limited user rights instead of administrator rights on the local box. I've
been given the task of figuring out how to verify that each department is in
compliance with this new policy.
Our machines run Windows XP and we are running Novell on the network. We
also run Active Directory. Is there a way to scan a range of IPs and detect
user accounts that have administrator rights on the local PC? Barring that,
it there any software out there that can detect user accounts that have
local administrative rights, perhaps when the user authenticates to a Novell
server or to Active Directory?
We just want a way to verify that departments are in compliance with the
standard, and I would rather not have to ask them and then just take their
words for it--I'd like to be able to independently verify that departments
are in compliance.
I'm new to the whole issue of limited user rights so I'm not sure if there
are any tools like this out there. Part of me thinks that such a tool does
not exist because it would be an excellent hacker tool and would present a
security risk to organizations, but the other part of me suspects that
hackers have tools like this anyway, so why not give it to Network
Administrators for legitimate work.
Anyway, if anyone has dealt with this kind of issue before, or knows of any
automated method for collecting this kind of information, please enlighten
me.
--Tom
limited user rights instead of administrator rights on the local box. I've
been given the task of figuring out how to verify that each department is in
compliance with this new policy.
Our machines run Windows XP and we are running Novell on the network. We
also run Active Directory. Is there a way to scan a range of IPs and detect
user accounts that have administrator rights on the local PC? Barring that,
it there any software out there that can detect user accounts that have
local administrative rights, perhaps when the user authenticates to a Novell
server or to Active Directory?
We just want a way to verify that departments are in compliance with the
standard, and I would rather not have to ask them and then just take their
words for it--I'd like to be able to independently verify that departments
are in compliance.
I'm new to the whole issue of limited user rights so I'm not sure if there
are any tools like this out there. Part of me thinks that such a tool does
not exist because it would be an excellent hacker tool and would present a
security risk to organizations, but the other part of me suspects that
hackers have tools like this anyway, so why not give it to Network
Administrators for legitimate work.
Anyway, if anyone has dealt with this kind of issue before, or knows of any
automated method for collecting this kind of information, please enlighten
me.
--Tom