admin rights from computer outside of domain

Here is an interesting and disturbing problem:

I set up a local pc with xp sp2, logged in as local administrator with local
password. The pc was not yet joined to my domain, but was connected to our
ehternet lan. I went into File manger, and typed in \\file-server\d$ (our
domain controller) it gave me FULL ADMINISTRATIVE FILE RIGHTS to the file
server on XYZ domain. The pc was not joined to the domain, it was only in
the default workgroup (brand new pc, first time I logged in) The local
administrator password was not the same as my Domain Administrator password.
It did not ask me to log onto the domain, absolutely no connection, other
than they were on the same ethernet network.

Can anyone shed some light on this for me?

thanks Bill

Bill <(E-Mail Removed)> wrote:
> Here is an interesting and disturbing problem:
>
> I set up a local pc with xp sp2, logged in as local administrator
> with local password. The pc was not yet joined to my domain, but was
> connected to our ehternet lan. I went into File manger, and typed in
> \\file-server\d$ (our domain controller) it gave me FULL
> ADMINISTRATIVE FILE RIGHTS to the file server on XYZ domain. The pc
> was not joined to the domain, it was only in the default workgroup
> (brand new pc, first time I logged in) The local administrator
> password was not the same as my Domain Administrator password. It did
> not ask me to log onto the domain, absolutely no connection, other
> than they were on the same ethernet network.
>
> Can anyone shed some light on this for me?
>
> thanks Bill

This sounds very interesting indeed - and not possible in any way I can
think of, unless the security ojn your admin share has been modified to
permit EVERYONE or anonymous access (check it out). Otherwise, the only way
your scenario could possibly occur is if the username and password on the
local computer match your domain admin credentials. There's simply no way
for it to happen otherwise.

yeah, that's what stumps me, there is no logical way for this to happen.

the administrative shares can't be modified any way that I know of.....do
you know of a way to modify an adminstrative share? and its not happening
just on the D$ share, but also C$ and E$.....



"Lanwench [MVP - Exchange]" wrote:

> Bill <(E-Mail Removed)> wrote:
> > Here is an interesting and disturbing problem:
> >
> > I set up a local pc with xp sp2, logged in as local administrator
> > with local password. The pc was not yet joined to my domain, but was
> > connected to our ehternet lan. I went into File manger, and typed in
> > \\file-server\d$ (our domain controller) it gave me FULL
> > ADMINISTRATIVE FILE RIGHTS to the file server on XYZ domain. The pc
> > was not joined to the domain, it was only in the default workgroup
> > (brand new pc, first time I logged in) The local administrator
> > password was not the same as my Domain Administrator password. It did
> > not ask me to log onto the domain, absolutely no connection, other
> > than they were on the same ethernet network.
> >
> > Can anyone shed some light on this for me?
> >
> > thanks Bill
>
> This sounds very interesting indeed - and not possible in any way I can
> think of, unless the security ojn your admin share has been modified to
> permit EVERYONE or anonymous access (check it out). Otherwise, the only way
> your scenario could possibly occur is if the username and password on the
> local computer match your domain admin credentials. There's simply no way
> for it to happen otherwise.
>
>
>

correction - this file server is NOT a domain controller, but simply is a
member of our only domain.....if that makes any difference

thanks-
Bill


"Bill" wrote:

> yeah, that's what stumps me, there is no logical way for this to happen.
>
> the administrative shares can't be modified any way that I know of.....do
> you know of a way to modify an adminstrative share? and its not happening
> just on the D$ share, but also C$ and E$.....
>
>
>
> "Lanwench [MVP - Exchange]" wrote:
>
> > Bill <(E-Mail Removed)> wrote:
> > > Here is an interesting and disturbing problem:
> > >
> > > I set up a local pc with xp sp2, logged in as local administrator
> > > with local password. The pc was not yet joined to my domain, but was
> > > connected to our ehternet lan. I went into File manger, and typed in
> > > \\file-server\d$ (our domain controller) it gave me FULL
> > > ADMINISTRATIVE FILE RIGHTS to the file server on XYZ domain. The pc
> > > was not joined to the domain, it was only in the default workgroup
> > > (brand new pc, first time I logged in) The local administrator
> > > password was not the same as my Domain Administrator password. It did
> > > not ask me to log onto the domain, absolutely no connection, other
> > > than they were on the same ethernet network.
> > >
> > > Can anyone shed some light on this for me?
> > >
> > > thanks Bill
> >
> > This sounds very interesting indeed - and not possible in any way I can
> > think of, unless the security ojn your admin share has been modified to
> > permit EVERYONE or anonymous access (check it out). Otherwise, the only way
> > your scenario could possibly occur is if the username and password on the
> > local computer match your domain admin credentials. There's simply no way
> > for it to happen otherwise.
> >
> >
> >

Bill <(E-Mail Removed)> wrote:
> correction - this file server is NOT a domain controller, but simply
> is a member of our only domain.....if that makes any difference
>
> thanks-
> Bill
>
Then are you absolutely certain it doesn't match the server's local admin
credentials? There's just no way this can happen without it matching
something. I promise.
>
> "Bill" wrote:
>
>> yeah, that's what stumps me, there is no logical way for this to
>> happen.
>>
>> the administrative shares can't be modified any way that I know
>> of.....do you know of a way to modify an adminstrative share? and
>> its not happening just on the D$ share, but also C$ and E$.....
>>
>>
>>
>> "Lanwench [MVP - Exchange]" wrote:
>>
>>> Bill <(E-Mail Removed)> wrote:
>>>> Here is an interesting and disturbing problem:
>>>>
>>>> I set up a local pc with xp sp2, logged in as local administrator
>>>> with local password. The pc was not yet joined to my domain, but
>>>> was connected to our ehternet lan. I went into File manger, and
>>>> typed in \\file-server\d$ (our domain controller) it gave me FULL
>>>> ADMINISTRATIVE FILE RIGHTS to the file server on XYZ domain. The
>>>> pc was not joined to the domain, it was only in the default
>>>> workgroup (brand new pc, first time I logged in) The local
>>>> administrator password was not the same as my Domain Administrator
>>>> password. It did not ask me to log onto the domain, absolutely no
>>>> connection, other than they were on the same ethernet network.
>>>>
>>>> Can anyone shed some light on this for me?
>>>>
>>>> thanks Bill
>>>
>>> This sounds very interesting indeed - and not possible in any way I
>>> can think of, unless the security ojn your admin share has been
>>> modified to permit EVERYONE or anonymous access (check it out).
>>> Otherwise, the only way your scenario could possibly occur is if
>>> the username and password on the local computer match your domain
>>> admin credentials. There's simply no way for it to happen otherwise.

no - I promise.

yes, the local login name is administrator - but the password is completely
different. and the local pc isn't joined to the domain.



"Lanwench [MVP - Exchange]" wrote:

> Bill <(E-Mail Removed)> wrote:
> > correction - this file server is NOT a domain controller, but simply
> > is a member of our only domain.....if that makes any difference
> >
> > thanks-
> > Bill
> >
> Then are you absolutely certain it doesn't match the server's local admin
> credentials? There's just no way this can happen without it matching
> something. I promise.
> >
> > "Bill" wrote:
> >
> >> yeah, that's what stumps me, there is no logical way for this to
> >> happen.
> >>
> >> the administrative shares can't be modified any way that I know
> >> of.....do you know of a way to modify an adminstrative share? and
> >> its not happening just on the D$ share, but also C$ and E$.....
> >>
> >>
> >>
> >> "Lanwench [MVP - Exchange]" wrote:
> >>
> >>> Bill <(E-Mail Removed)> wrote:
> >>>> Here is an interesting and disturbing problem:
> >>>>
> >>>> I set up a local pc with xp sp2, logged in as local administrator
> >>>> with local password. The pc was not yet joined to my domain, but
> >>>> was connected to our ehternet lan. I went into File manger, and
> >>>> typed in \\file-server\d$ (our domain controller) it gave me FULL
> >>>> ADMINISTRATIVE FILE RIGHTS to the file server on XYZ domain. The
> >>>> pc was not joined to the domain, it was only in the default
> >>>> workgroup (brand new pc, first time I logged in) The local
> >>>> administrator password was not the same as my Domain Administrator
> >>>> password. It did not ask me to log onto the domain, absolutely no
> >>>> connection, other than they were on the same ethernet network.
> >>>>
> >>>> Can anyone shed some light on this for me?
> >>>>
> >>>> thanks Bill
> >>>
> >>> This sounds very interesting indeed - and not possible in any way I
> >>> can think of, unless the security ojn your admin share has been
> >>> modified to permit EVERYONE or anonymous access (check it out).
> >>> Otherwise, the only way your scenario could possibly occur is if
> >>> the username and password on the local computer match your domain
> >>> admin credentials. There's simply no way for it to happen otherwise.
>
>
>
>

Bill <(E-Mail Removed)> wrote:
> no - I promise.
>
> yes, the local login name is administrator - but the password is
> completely different. and the local pc isn't joined to the domain.
>

Joined to the domain doesn't matter. The password does, though. On the
workstation, have you *ever* been asked to provide credentials for that
share? Type net use * /del. Then change the local admin password on the
server, reboot the workstation just for fun, and try again.
>
>
> "Lanwench [MVP - Exchange]" wrote:
>
>> Bill <(E-Mail Removed)> wrote:
>>> correction - this file server is NOT a domain controller, but simply
>>> is a member of our only domain.....if that makes any difference
>>>
>>> thanks-
>>> Bill
>>>
>> Then are you absolutely certain it doesn't match the server's local
>> admin credentials? There's just no way this can happen without it
>> matching something. I promise.
>>>
>>> "Bill" wrote:
>>>
>>>> yeah, that's what stumps me, there is no logical way for this to
>>>> happen.
>>>>
>>>> the administrative shares can't be modified any way that I know
>>>> of.....do you know of a way to modify an adminstrative share? and
>>>> its not happening just on the D$ share, but also C$ and E$.....
>>>>
>>>>
>>>>
>>>> "Lanwench [MVP - Exchange]" wrote:
>>>>
>>>>> Bill <(E-Mail Removed)> wrote:
>>>>>> Here is an interesting and disturbing problem:
>>>>>>
>>>>>> I set up a local pc with xp sp2, logged in as local administrator
>>>>>> with local password. The pc was not yet joined to my domain, but
>>>>>> was connected to our ehternet lan. I went into File manger, and
>>>>>> typed in \\file-server\d$ (our domain controller) it gave me FULL
>>>>>> ADMINISTRATIVE FILE RIGHTS to the file server on XYZ domain.
>>>>>> The pc was not joined to the domain, it was only in the default
>>>>>> workgroup (brand new pc, first time I logged in) The local
>>>>>> administrator password was not the same as my Domain
>>>>>> Administrator password. It did not ask me to log onto the
>>>>>> domain, absolutely no connection, other than they were on the
>>>>>> same ethernet network.
>>>>>>
>>>>>> Can anyone shed some light on this for me?
>>>>>>
>>>>>> thanks Bill
>>>>>
>>>>> This sounds very interesting indeed - and not possible in any way
>>>>> I can think of, unless the security ojn your admin share has been
>>>>> modified to permit EVERYONE or anonymous access (check it out).
>>>>> Otherwise, the only way your scenario could possibly occur is if
>>>>> the username and password on the local computer match your domain
>>>>> admin credentials. There's simply no way for it to happen
>>>>> otherwise.