Ping a Specific Port

Question

Mohnish

Asked: 2012-05-19 08:01:46 +0800 CST2012-05-19 08:01:46 +0800 CST 2012-05-19 08:01:46 +0800 CST

Windows 7 - Network admin access to user login credentials?

772

In a Windows environment, does the network administrator have access to the user network password? Can he use the user LAN credentials to login to his machine when the user is away?

EDIT - I ask this because my company has implemented SSO to ADP payroll website. If I'm logged in to Windows, I'm automatically logged in to our intranet site. And if I click on ADP link on my intranet site, it automatically (SSO) logs me into ADP portal.

Given this, my network admin can see my personal info, if he has access to my LAN network user/pass. I understand that admin can reset pass etc. but does he have access to real user password on LAN?

6 Answers

Voted

joeqwerty · Answer 1 · 2012-05-19T08:34:25+08:00

Best Answer

joeqwerty

2012-05-19T08:34:25+08:002012-05-19T08:34:25+08:00

No. The domain administrator does not have access to any other users password and can't logon to the domain as that user, unless the user has given the domain administrator their password.

3

mfinni · Answer 2 · 2012-05-19T09:19:08+08:00

mfinni

2012-05-19T09:19:08+08:002012-05-19T09:19:08+08:00

A domain admin could enable that passwords are stored with reversible encryption, in which case they could technically access your password. The only places I've seen this done were ones that had old RADIUS products that required AD integration. Any decent SSO product should not require this setting. That said, it's remotely possible, but very unlikely.

2

George · Answer 3 · 2012-05-19T08:04:02+08:00

George

2012-05-19T08:04:02+08:002012-05-19T08:04:02+08:00

You can always change any user's password in AD. And I believe if you login to any PC using different credentials it'll kick the other user out. What are you trying to accomplish?

1

Joe · Answer 4 · 2012-05-19T08:04:31+08:00

Joe

2012-05-19T08:04:31+08:002012-05-19T08:04:31+08:00

They only way the network admin should have the user's login credentials is if the user told the admin what they are. If he is a domain administrator then he can log the user out using his credentials though.

1

Cold T · Answer 5 · 2012-05-19T08:38:09+08:00

Cold T

2012-05-19T08:38:09+08:002012-05-19T08:38:09+08:00

In addition to what you have just added within your edit, the network administrator can only have password if he has access to the domain controller and can install his/her own software to brute-force the passwords (very easily if the password is weak). In normal circumstances your answer would be no, he/she does not have your password.

1

Mike · Answer 6 · 2012-11-09T00:10:22+08:00

Mike

2012-11-09T00:10:22+08:002012-11-09T00:10:22+08:00

My view on this is that the bigger risk is colleagues when a user walks away from their desk and leaves their screen unlocked. Open access to Windows, data, email and any system with SSO.

While typcial Windows passwords are protected in a way they cannot be reversed (given time and resource maybe) it is possible that an extremely bad decision has been made to change this default config. http://technet.microsoft.com/en-us/library/cc784581(v=ws.10).aspx

0

Windows 7 - Network admin access to user login credentials?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?