General discussion
-
Topic
-
Unauthorized log in
LockedWe have a 2003 server that is a domain controller. Recently I have noticed some local user profiles listed under documents and setting. My concern is that someone is getting on our server . What is odd is the user profile only has a few items in it. It doesn’t have all the folders and files that the default user profile has. The profile has the following.
Folders:
Cookies
Application Data
Local SettingsFiles:
NTUser.dat
NTUser.dat.logAny thoughts on why a user profile would exist on this server? I am concerned they are somehow getting a (lite) login possible through some haccking tool. Has anyone else seen or experienced this problem?
I have checked the security on the server and they should not be able to get in. This server is not a terminal server either.
Any help or thoughts would be appreciated.