Has anyone tried this?
1. Install "Adminstrative tools" on a workstation, i think it's adminpak.msi.
2. Logon to that workstation with average "user rights."
3. Open "users and computers" for your company's domain.
My experience has been, by doing the above, I can view ALL, users, computers, distribution groups, OU's, I can EVEN DELETE any users/computers left in the default folder with only having "user access"!!! WTF~!
Could I get someone to confirm that they can do this on their domain as well?
Any suggestions on how to secure this?
Thanks,
SomeJoe
1. Install "Adminstrative tools" on a workstation, i think it's adminpak.msi.
2. Logon to that workstation with average "user rights."
3. Open "users and computers" for your company's domain.
My experience has been, by doing the above, I can view ALL, users, computers, distribution groups, OU's, I can EVEN DELETE any users/computers left in the default folder with only having "user access"!!! WTF~!
Could I get someone to confirm that they can do this on their domain as well?
Any suggestions on how to secure this?
Thanks,
SomeJoe