Re: disconnect users immediately

Tech-Archive recommends: Fix windows errors by optimizing your registry

Shutdown tool is nice -- if you know where users is logged on to :-) and
he/she could be logged on to multiple computers...

--
Mike
Microsoft MVP - Windows Security

"Erik Szewczyk [MVP]" <erik@xxxxxxxxxxxxxxxx> wrote in message
news:03C6C8C7-C2D4-480E-90A3-3DC88E76C2AF@xxxxxxxxxxxxxxxx
> As others have mentioned there are plenty of other places that the cached
> credentials are going to allow you to continue to have access (in some
> cases
> for much longer than 15-30 minutes.
>
> For example if they have a laptop that is not connected to the network
> they
> will continue to be able to log on and perform tasks with their account
> because credentials are cached.
>
> I agree that your first concern (after disabling their account) should be
> physical access (taking away the computer or having them log off) and
> restricting them as much as possible. One easy way to ensure this would
> be
> to force a logoff remotely (hint: shutdown -i can perform remote logoffs).
> Ensuring they dont do anything they shouldnt before leaving the building
> should be controlled by someone (i.e. their manager).
>
> Terminations are more than just a technical process; typically their
> Manager, HR, Security, IT all have a part in the process.
>
> Regards,
> Erik
> --
> This post is provided "AS IS" and without warranty, expressed or implied.
> In
> no event shall I be liable for any damages whatsoever resulting from the
> application of the posted content.
>
>
> "Craig" wrote:
>
>> I notice when I disabled a users account that user stil had access for
>> about
>> 15-30 minutes. Is there a method short of disconnecting the cable to
>> immediately disconnect a user from an AD and exchange 2003 system??
>>
>>
>>
>> cr
>>
>>
>>


.

Relevant Pages

  • Re: User May be Logged in somewhere else. Lockout 3x a day
    ... Could also be an Scheduled Task or mapped drive that uses persistent credentials. ... Common Causes for Account Lockouts ... This section describes some of the common causes for account lockouts The common ... manager on member computers that use the account as well as domain controllers. ...
    (microsoft.public.win2000.general)
  • Re: Please help me, it is highly Urgent.............
    ... The reason why the threshold is given as 5 is because of security concern. ... with credentials that subsequently expired. ... Account lockout duration = 0 ... Persistent drives may have been established ...
    (microsoft.public.windows.server.active_directory)
  • Re: How do you wintrolls...
    ... the system will automatically log in with those credentials from then on. ... account credentials, exactly what files do you think he wants to access? ... When Vista asks you if a newly discovered network is 'Public' or 'Private', this is one of the things it is doing. ... I have not found any necessary functionality in the menu bar; as far as I can see the only the functions that are in the menu bar are the greybeard switch for the old-style status bar and, oddly, the 'Invert Selection' command- which strictly speaking can always by done manually. ...
    (comp.sys.mac.advocacy)
  • Re: custom page for user credentials?
    ... credentials against the various domains. ... after the user authenticates with IIS handling the SSPI Negotiation. ... possible for IIS6 to link a Passport user account to an AD user account -- ...
    (microsoft.public.inetserver.iis.security)
  • RE: username and Password sent as clear text strings
    ... If I remember correctly, WebScarab fakes a certificate, and you are able ... to see credentials in clear text. ... log in to the server requires a administrative account. ... Nothing in this message is intended to constitute an Electronic signature ...
    (Pen-Test)