Security Information

Previous page
Table of content
Next page

To change the password on an account, you have to have the SeChangeNotifyName (bypass traverse checking privilege) in addition to the right to change the password. If the tool is changing the password over the network, the account you use to execute the tool must also have the right to log on from the network on the target machine or domain controller. By default, all users have these rights and permissions in Windows 2000 and higher. Because you must know the old password to change the password, this is not a security breach. If you have the old password, you obviously have the right to change the password.

If you do not have the old password, the tool will perform a password reset. In this case, you need the same rights, but you also need permission to reset a password. By default, only administrators and the user whose password you are trying to reset have these rights.

If you specify the identifier 500 for the account name, you must have the right to perform SID/ Name translation on the target. By default, all users have this right in Windows 2000. In Windows XP and higher, all authenticated users can perform this operation.


Previous page
Table of content
Next page
Protect Your Windows Network From Perimeter to Data
Protect Your Windows Network: From Perimeter to Data
ISBN: 0321336437
EAN: 2147483647
Year: 2006
Pages: 219
Authors: Jesper M. Johansson, Steve Riley
BUY ON AMAZON
CISSP Exam Cram 2
Image Processing with LabVIEW and IMAQ Vision
A+ Fast Pass
The Java Tutorial: A Short Course on the Basics, 4th Edition
GO! with Microsoft Office 2003 Brief (2nd Edition)
Python Programming for the Absolute Beginner, 3rd Edition
flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net
Privacy policy