S
sagelike
Guest
I discovered that the domain user that Plesk creates for a domain (xyz.com = "xyz" user) can actually log onto Windows, assuming someone made it that far.
We use other remote control programs to access the server (not RDP) and each access point represents one more barrier to entry. Assuming someone could access remote control, being able to access the server via a user account provides dozens of opportunities to try various user names and passwords and since users don't always create strong passwords, this represents a serious security risk.
Users have limited privileges but they users shouldn't be allowed to logon onto the server directly and I'd like to know how disable Windows server logon without affect access to their server account.
Anyone have any experience with this or advice?
I really want to lock this down.
Thanks
G
We use other remote control programs to access the server (not RDP) and each access point represents one more barrier to entry. Assuming someone could access remote control, being able to access the server via a user account provides dozens of opportunities to try various user names and passwords and since users don't always create strong passwords, this represents a serious security risk.
Users have limited privileges but they users shouldn't be allowed to logon onto the server directly and I'd like to know how disable Windows server logon without affect access to their server account.
Anyone have any experience with this or advice?
I really want to lock this down.
Thanks
G