Has any one ever thought of a method to determine if the credentials a site has given you really is provided admin level access? I mean, we do a lot of traveling audits and we require the customer to provide us with an account that we then populate into the KnownAccounts.bin file. How do I really know this account is admin level? How do I know if it is enabled in the Domain SAM? Waiting until the scan is over and examining the log files is one method, but then the time is wasted. I don't like logging on with the admi account because there is more chance for inadvertent mistakes. What techniques do you suggest for determining prior to a scan if the account is valid? Mapping a drive and checking the rights? What else? Thanks
Mark P. Evans Northrop Grumman IT DISA Field Security Operation (OP74) Chambersburg, PA 17201 ** The opinions expressed here are my own and do not reflect upon my company or the US Government ** _______________________________________________ ISSForum mailing list [EMAIL PROTECTED] TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo
