Windows, Operating System, Security, Networking, Malware, Support, Forum, Help Site Check Our Facebook Page!
Notices
Windows Server System Post your Windows Server System questions here. Besides Windows Server, this also includes other Microsoft Server software (such as BizTalk Server, Exchange Server, ISA Server & others).


Register your FREE account to unlock additional features at WindowsBBS.com
   
 
 
LinkBack Thread Tools
Old 24th June 2008   #1
Geek Member
THREAD STARTER
 
Profile:
Join Date: Dec 2006
Posts: 526
Computer Experience:
Experienced
IvanH Reputation LevelIvanH Reputation LevelIvanH Reputation LevelIvanH Reputation LevelIvanH Reputation Level

My System

Keeping the Windows Server logged on


After powering on and logging on the Windows Server, many administrators just keep it logged on. If we need to access the server desktop, we need to type the logged on user's password anyway.

An auditor comments that it must be logged off.

Is it necessary to keep logging on, why and why not?

IvanH is offline  

 

Register
to remove this ad.
 
 

Old 24th June 2008   #2
Alumni
 
Profile:
Join Date: May 2004
Location: Worcs. UK
Posts: 2,786
Computer Experience:
Unabashed deviant
ReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation Level

All proper server software will run as a service. It therefore does not need a user logged on to start or use the software. Software running as a service is made available independently of the user GUI.

Unfortunately, there are a number of software applications that pretend they are server applications but do not run as a service and have to be run from within a user GUI. These we will call Noddy applications.

If you are a very lucky IT manager, you will be able to run your servers without any Noddy software. In this case there is no reason to have anyone logged on to the server. As running a logged on user both makes it easier for someone to tamper with the server, and uses system resources, it is advisable to run the server with no one logged on. You log on to change something on the server or monitor/check something and then log off. (I won't mention the people who let a user use the network server as their desktop PC beyond stating that it is a particularly foolish thing to do and I'll assume the people reading this aren't so foolish).

If you are a reasonably lucky IT manager, there may be a couple of Noddy applications you need to run, but you'll be able to apply a hack to them (for example the NT resource kit INSTSRV) so that they will run as a service. As they run as a service, again no need to log on.

Unfortunately, many Noddy applications won't work when hacked to run as a service. In this case you have to have a user logged on. However, this doesn't have to be a user connected directly to the server. With Server 2003, you can run a terminal user session and have the Noddy applications running in that session. That means you can manage the Noddy applications remotely via that terminal session, and it shouldn't get in the way of other users accessing the server to carry out maintenance tasks.

Therefore, if you can avoid Noddy applications, you don't need to log on to the physical server terminal and shouldn't except when carrying out maintenance tasks. Even with Noddy application, there are ways of avoiding having a user logged on.

ReggieB is offline  

Did you find this post helpful? Yes | No
Old 24th June 2008   #3
Inactive
 
Profile:
Join Date: Aug 2002
Posts: 4,141
mflynn Reputation Levelmflynn Reputation Levelmflynn Reputation Level

Hi Ivan Reg

Reg I like it when you talk like that!

And I don't mean the British accent!

Excellent explanation Reggie!

Also Ivan, no offence if you already knew this! But create another Admin account I usually use Supervisor and never use the Built in Administrator account except in an emergency.

Any other account and profile can be deleted the profile removed etc then rebuilt. But get real damage to the original Admistrator account and it ususally can not be repaired! This advice is not just for Server but any NT based stand alone client or Server!

If you ever see any account (admin or user) that has an added extension that was not there before then the profile was blown.

Example: Bob now becomes Bob.server (the .server part can be anything usually the ComputerName) then that profile has been damaged and windows has tried to the best of it's ability to repair it so the user can still operate.

If that happens to the real Administrator account it may still work but there "could" be missing data or other issues!

So try not to have the real Administrator up where it can be caught by a power failure or malware or Virus. Use it only long enough to fix issues like the above

Mike

mflynn is offline  

Did you find this post helpful? Yes | No
Old 24th June 2008   #4
Geek Member
THREAD STARTER
 
Profile:
Join Date: Dec 2006
Posts: 526
Computer Experience:
Experienced
IvanH Reputation LevelIvanH Reputation LevelIvanH Reputation LevelIvanH Reputation LevelIvanH Reputation Level

My System
Hi Mike,

thanks for your info. Correct me if I got it wrong. The built-in administrator account will be "suppressed" before Windows Server 2008 but not deleted, and it should be totally "removed" in WS 2008, after installation, that I hearsay.

Besides, I just wanna see if I can improve the relationship between an Auditing Director (no IS audit background) and the sys admin mgr.

IvanH is offline  

Did you find this post helpful? Yes | No
Old 27th June 2008   #5
Alumni
 
Profile:
Join Date: May 2004
Location: Worcs. UK
Posts: 2,786
Computer Experience:
Unabashed deviant
ReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation LevelReggieB Reputation Level

If you don't want to delete the Administrator account you can always disable it for a while until you are happy that it is safe to delete.

By the way, all praise for my postings are gratefully received. However, you may regret encouraging my ramblings, as I do enjoy prevaricating about the bush (in the word of many wise words: Wallace).

ReggieB is offline  

Did you find this post helpful? Yes | No


 

THIS THREAD HAS EXPIRED.

Are you having the same problem? Please post a new thread, but first you'll have to join us by Registering (FREE).



Discussion Forums
Operating Systems
Windows 8 Windows 8
Windows 7 Windows 7
Windows Vista Windows Vista
Windows XP Windows XP
Windows Server System Windows Server System
Legacy Windows OS Legacy Windows OS
Internet & Networking
Networking (Hardware & Software) Networking
Internet Explorer Internet Explorer
Microsoft Mail Microsoft Mail
Firefox, Thunderbird & SeaMonkey Firefox, Thunderbird
      & SeaMonkey

Web Applications & Cloud Web Applications & Cloud
General Internet
Security
Malware and Virus Removal Malware and Virus
     Removal

Security and Privacy Security and Privacy

Other
Other PC Software Other PC Software
Test Posts Test Posts
Hardware
PC Hardware PC Hardware
Mobile Devices Mobile Devices
Community
Introductions Introductions
General Discussions General Discussions
Site Comments & Suggestions Site Comments
      & Suggestions

News News @ WindowsBBS

Thread Tools


Find us on Facebook   Web Of Trust Rating

All times are GMT. The time now is 09:26.


Recent Discussions
Anybody using Classic Shell? (23)
rundll error message (2)
No Boot Device Listed In Windows 8... (8)
Computer Slow to Boot and Files Cor.. (19)
MS expected to unveil Win 9 on Sept.. (5)
Window Live Mail error, now cannot .. (11)
Invalid IP address error, fixed but.. (2)
[Cannot open Standard User, open wo.. (1)
[Which] windows server 2012 edition.. (1)
Impact of defrag command on SSD? (7)
Excel Macro help (2)
What is giveio.sys and how to get r.. (31)
Need shortcut/hotkey for MSDOS and .. (3)
My Passport Back Up and Remove data (2)
Brother QL500 labelmaker (3)
Block/Phishing scam (9)
Extremely Slow File moving/copying/.. (10)
Latest MS patch causing BSOD (18)
Windows 8.1 Update 2 (18)
How do I stop Windows Explorer pers.. (12)


Donate!
Support Windows BBS!



Powered by vBulletin® Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO
Copyright 2002 - 2013 WindowsBBS.com. All rights reserved.
FDMA Media LLC
Terms of Use, Legal Information & Privacy Policy
Page generated in 0.08697 seconds with 7 queries