Yah, I won't leave a user logged in. Not an option here. Thank you. ..D On Thu, 5 Aug 2004 14:30:41 -0700, John Tolmachoff (Lists) <johnlist@xxxxxxxxxxxxxxxxxxx> wrote: > http://www.MSExchange.org/ > > > You should leave the user logged in. Meaning, you > > should LOCK the computer using ctrl-alt-delete, therby > > securing the server and maintaining your mapped > > drives. > > I do that for all 110 of my servers. If you leave it > > unlocked and logged off, anyone can log into it > > creating a huge security problem. > > THAT is a big item for discussion. IMHO, leaving the server logged on, > whether or not locked, is a security risk. Any thing that can fire from the > server with a user logged in will run under the permissions of that user. If > no one is logged in, they first have to authenticate. > > If you consider a computer sitting there not logged in a security risk, time > to look at user access policies and password policies. > > John Tolmachoff > Engineer/Consultant/Owner > eServices For You > > > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist > Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp > Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 ISA Server Resource Site: http://www.isaserver.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this MSEXchange.org Discussion List as: > nocmonkey@xxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >