Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

how do I lock everyone including the administrator out of my machine? 2

Status
Not open for further replies.
duff64

duff64

MIS
Joined
Jun 11, 1999
Messages
8
Location
US
I want to lock everyone out of my machine, do I simply need to put a password on the administrator account? Anfd how can I keep others from mapping to my machine?<br>
<br>
Tahnks
 
Sort by date Sort by votes
There is no way to lockout the Administrator other than changing the password to something only you know. Are you working with the server or a workstation?
 
Upvote 0 Downvote
jsauce,<br>
<br>
I am working with workstation.
 
Upvote 0 Downvote
If you are a user why would you want to lock out the admin
 
Upvote 0 Downvote
Admins can view/download files off of your hard drive, without you knowing it (over the network), as long as your PC is running. Changing the password won't stop them from doing this, though.<br>
<br>
Anyone know how to prevent this?<br>
<br>
Bob
 
Upvote 0 Downvote
As long as the machine is not participating in Domain Security and the local admin password is not the same as the admin's. or known to anyone else, and the shares, if any, are restricted, access will be denied. Windows NT Security is implicit denial therefor, unless the right is granted by domain security, access is governed by local accounts. So, make sure that it is a member of a domain but not participating in it's security, and make sure your local account passwords are secure and the local shares are secure.<br>

 
Upvote 0 Downvote
He's right local security is first, before network security. But I wonder if we are not helping someone who is trying to prevent a SYS ADMIN, who should have access to his system, now not have access. In any case there are reasons why there are Administrators and then just plain users. Let the administrators have their access, trying to remove it could cause more trouble than it is worth...just a tip.
 
Upvote 0 Downvote
I would agree, generally this is against a companies published security policy. If something happens to this person (dead, leave, etc.) then access to the base accounts becomes a hack instead of a simple login. In any rate, I would confer with your IT department in order to make the best decision on how to secure your local data. Besides, there is no way to absolutely keep someone out. There are methods of extracting passwords from NT without the end user's knowlege hence the info above is meant to keep the curious out, but ultimately cannot keep a serious admin out of the system (as it should be).
 
Upvote 0 Downvote
Sysadmin get particularly testy when you do lock them out, and promptly think you're doing something you shouldn't. this tends to tempt them into A.) having a word with your supervisor on your attempting to obstruct their job, or less pleasantly B.) hacking their way into your machine to see what you're not supposed to be doing.<br>
(I prefer b, as I can claim its a security test, and the offender was just randomly chosen...then changing the user's passwords so they HAVE to admit what they did)<br>
<br>
Oh, and if the local accounts are stored on a server, what would let a workstation modify their account?
 
Upvote 0 Downvote
pull the network cable out the back of your machine,& pull the keyboard out to. that should keep them off your pc for a bit 8-)
 
Upvote 0 Downvote
on nt workstation, one can block any remote access by stopping the server service (assumes one is not sharing drives or printers). You need admin access to do this. There are a few (very few) odd applications that require server service be running. Try it if you have local admin access.
 
Upvote 0 Downvote
I don't know about NT Workstation (not installed) but I hope someone will try this and let me know if it works. I've had a little fun denying admin access to a large branch of folders on my Win95 station. Use the command prompt to create a directory name consisting of the ASCII character 229. Then use SUBST Z: [char229] to give youself access from the desktop. Move all of your &quot;mission critical&quot; files to the Z: drive and ask the administrator if he can access the drive.<br>
Works on 95, probably because remote admin doesn't work very well. Someone let me know how it works on Workstation.<br>
<br>
Bored and restless in Ohio
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

techbrain1
  • Question Question
Explorer Error the operating system is not compatible with this product
Replies
0
Views
265
techbrain1
techbrain1
mangentle
  • Locked
  • Question Question
What are the key advantages of using Microsoft Windows Servers for businesses?
Replies
1
Views
1K
gbaughma
gbaughma
DrB0b
  • Locked
  • Question Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
1K
DrB0b
DrB0b
mangentle
  • Locked
  • Question Question
What could be the potential causes if a Microsoft Windows Server is experiencing slow network!
Replies
1
Views
1K
gbaughma
gbaughma
nukeinfer
  • Locked
  • Question Question
Internet restrictions for isolated PCs in the Network
Replies
1
Views
879
mangentle
mangentle

Part and Inventory Search

Sponsor

Back
Top