ts session without authentication

R

Robert E

W2K server with ts running (non app mode)both connections
are used. server notifies admins that sys drive is full.
zero mb space available. using TS mgr, noticed user1 has
been disconnected, I can ts into the server without
authentication into user1 credentials when I should
actually be user3. All users are admins on the server.
Any ideas how this is done and what can I do to stop it?
 
M

Matthew Harris [MVP]

Go into the terminal services configuration on that server
and set a timeout for disconnected sessions. That way if
a session becomes disconnected, it'll be reset
automatically after a certain amount of time, rather than
just sitting in the disconnected state forever.

-M
 
R

Robert E

Thans for the response. This is an excellent idea if I
wanted the disconnected session to be reset. For
instance, if one admin is running scripts that does not
require constant monitoring, then they usually will
disconnect the session and let the work occurr,
periodically checking back on it. If I reset the session,
the work being performed in the background will be
distroyed. We don't want that. I would like to know how I
can ts into a server with a disconnected session that is
not mine? I do not have to authenticate. Your help is
greatly appreciated.
 
M

Matthew Harris [MVP]

Maybe I'm just a little lost here, but are you saying that
you can connect to a disconnect RDP session without first
having to logon and provide your credentials? This isn't
the default behavior...do you have autologins enabled?

If the session isn't yours then you can't connect to it at
logon. However, you can run the connect.exe command to
attach to that session permanently. Check out connect /?
at the command line.

-M
 
R

Robert E

You are not lost here, that is exactly what I am saying
here. I believe that the situation is just right to
bypass any security. If the root drive on the server in
question has 0(zero) MB space left and a disconnected TS
session is on the server, then I can connect without
providing credentials. I am trying to duplicate the issue
in our lab here. I will continue to troubleshoot to find
more answers. We do not have autologins enabled. We
connect using standard ts and normal logins.
 
M

Matthew Harris [MVP]

Hm...quite odd. If you find out anything, could you send
it to me in a private e-mail. I'd love to see your
results here.

-M
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

TS Timeout Session Issue 1
Cannot connect to W2K server as TS client 2
RD client cannot reconnect to disconnected TS session 2
Logon Errors---help--- 1
limiting TS session 3
Terminal sessions come to a crawl 2
XP connection timeout to 1TS but ok to other TS 1
Access and Terminal Server - very high CPU usage 0

Top