How to execute logon script / Can it be a poison pill?

How to execute logon script / Can it be a poison pill?

Post by Al Christo » Thu, 02 Mar 2006 01:24:27


Of late I've been thinkig about nefarious things that can happen to
computers. I am reasonably certain that you can create a user ID and
associate it with a network logon script that would launch a process that
would clear critical information on the client computer. Correct? (The
analogy that I've read about recently are ATM cards that have two pin
numbers. If you use the second pin number you get limited funds and the cops
are called!)

Let me confirm my suspicions about local operations?:
1) If the computer is disconnected and you try logging on, you can still do
it if the client is configured to cache the required data. CORRECT?

2) The network logon script is NOT executed if the client is disconvnected
from the network. CORRECT?

3) There is no local script equivalent of the network logon script. CORRECT?

4) The runonce or run facilities of Windows could be configured on the
client at the user level, to provide the necessary suicide pill. CORRECT?

Regards,
Al Christoph
 
 
 

How to execute logon script / Can it be a poison pill?

Post by Steve Fost » Thu, 02 Mar 2006 07:59:42


Not entirely sure what you're trying to do here.


The only user accounts that would work on a disconnected domain client are
a) local accounts, and b) domain accounts that have logged on recently
while connected.


Since the client is disconnected, it is unable to read the logon script,
so, yes, it is not executed.


AFAIK, there is no local equivalent, no.



Well, I don't think you could realistically use RunOnce (as per its' name,
the contents are only Run Once, and then the entry is automatically
deleted). And the whole idea of Run is for applications that you want to
load for the user (such as anti-virus tray icons, Instant Messenger
applications and the like). So using it to "kill" the PC would be
counter-productive.

You might want to go find and read the Immutable Laws of Computer Security.

--
Steve Foster [SBS MVP]
---------------------------------------
MVPs do not work for Microsoft. Please reply only to the newsgroups.