Security Basics mailing list archives
RE: Windows 2000 user login
From: "dave" <dave () netmedic net>
Date: Fri, 28 Mar 2003 14:01:14 -0500
Instead of buying something, might you try: Nbtstat -A 192.168.0.0 -n Sub your IP address of course. Now you could write a batch to do all in one shot something like Nbtstat -A 192.168.0.0 -n > whoislogon.txt Nbtstat -A 192.168.0.1 -n >> whoislogon.txt Nbtstat -A 192.168.0.2 -n >> whoislogon.txt Nbtstat -A 192.168.0.3 -n >> whoislogon.txt Nbtstat -A 192.168.0.4 -n >> whoislogon.txt Notepad.exe whoislogon.exe This would list all your IP's and who was logged on them. Dave _____________________ Dave Kleiman dave () netmedic net www.netmedic.net -----Original Message----- From: Su Wadlow [mailto:swadlow () utdallas edu] Sent: Thursday, March 27, 2003 11:26 To: security-basics () securityfocus com Subject: Re: Windows 2000 user login --On Wednesday, March 26, 2003 1:16 PM -0500 "Wright, Bill" <bwright () ny whitecase com> wrote:
I have never posted to this board, so hopefully I'm following the right procedures. My issue is that a user's account keeps getting locked out due to an aggressive password policy (30 days) and he claims that he isn't logged into multiple machines nor is he fat fingering his password. Is anybody aware of a product to find out where or how many Windows 2000 servers or workstations a user is logged into? My thinking is that he's logged into multiple machines under an old password that keeps locking him out.
I personally don't know of ways to determine the number or location(s) of workstation(s) a user is logged in to, but here are other issues that could be causing the account lockout on just the one workstation: * A service that runs in the user's context instead of the SYSTEM context and that occasionally has to communicate with a domain server. * Specialty software that has to store the user's password and that communicates with a domain server and somehow passes that password to the server. * If you're using Exchange and the user has the mailbox open in Outlook when he changes his password, Outlook will still touch the Exchange server with the old password (like at mail checks). If the user just locks his workstation and doesn't log out, the account will keep getting locked out. * Persistant network drive mappings can sometimes retain knowledge of an old password. -- Su Wadlow swadlow () utdallas edu Faculty/Staff Support ------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.surfcontrol.com/go/zsfsbl1 ------------------------------------------------------------------- SurfControl E-mail Filter puts the brakes on spam, viruses and malicious code. Safeguard your business critical communications. Download a free 30-day trial: http://www.surfcontrol.com/go/zsfsbl1
Current thread:
- Windows 2000 user login Wright, Bill (Mar 27)
- RE: Windows 2000 user login John Tolmachoff (Mar 28)
- Re: Windows 2000 user login Su Wadlow (Mar 28)
- RE: Windows 2000 user login dave (Mar 29)
- RE: Windows 2000 user login dave (Mar 31)
- RE: Windows 2000 user login dave (Mar 31)
- RE: Windows 2000 user login dave (Mar 29)
- Re: Windows 2000 user login Chuck Swiger (Mar 28)
- <Possible follow-ups>
- RE: Windows 2000 user login Wright, Bill (Mar 28)
- Re: Windows 2000 user login Scott Cadwell (Mar 28)
- RE: Windows 2000 user login Robinson, Sonja (Mar 28)
- Re: Windows 2000 user login nightowlcat (Mar 28)
- Re: Windows 2000 user login H Carvey (Mar 28)
- RE: Windows 2000 user login Moeckel, Sharon (Mar 29)
- RE: Windows 2000 user login Andre Luis Braz Henrique (Mar 29)