View Full Version : SID Forging Please Urgent
IT_OPS
August 18th 05, 04:26 PM
I have very strange issue in few PCs of my network.We have Windows 2000
domian and Windows XP with SP1.On few windows xp computers when user log on
to the domain he is getting the ACL Permissions of other user and if you go
to files server and see the sessions it is showing - from that computer user
connected is for example John but actually on that Computer Eric is logged
on. Eric is getting the Johns Permissions like SIDis getting forged.
Can anybody help?
Regards
GTS
August 18th 05, 08:03 PM
Were XP installations cloned originally? See
http://www.sysinternals.com/Utilities/NewSid.html for one possible
explanation and solution.
--
"IT_OPS" > wrote in message
...
>I have very strange issue in few PCs of my network.We have Windows 2000
> domian and Windows XP with SP1.On few windows xp computers when user log
> on
> to the domain he is getting the ACL Permissions of other user and if you
> go
> to files server and see the sessions it is showing - from that computer
> user
> connected is for example John but actually on that Computer Eric is logged
> on. Eric is getting the Johns Permissions like SIDis getting forged.
>
> Can anybody help?
> Regards
IT_OPS
August 19th 05, 07:11 AM
All XP Computers are joined to domain and domain users are accessing network
resources i think for domain computers sids is not problem when you do
cloning.Here basically domain user sid is getting copied to other user and
one thing is if you delete that users profile then problem is getting solved.
Regards
"GTS" wrote:
> Were XP installations cloned originally? See
> http://www.sysinternals.com/Utilities/NewSid.html for one possible
> explanation and solution.
> --
>
> "IT_OPS" > wrote in message
> ...
> >I have very strange issue in few PCs of my network.We have Windows 2000
> > domian and Windows XP with SP1.On few windows xp computers when user log
> > on
> > to the domain he is getting the ACL Permissions of other user and if you
> > go
> > to files server and see the sessions it is showing - from that computer
> > user
> > connected is for example John but actually on that Computer Eric is logged
> > on. Eric is getting the Johns Permissions like SIDis getting forged.
> >
> > Can anybody help?
> > Regards
>
>
>
vBulletin® v3.6.4, Copyright ©2000-2024, Jelsoft Enterprises Ltd.