AnsweredAssumed Answered

For Administrators How to deny access from accessing file system using various means?

Question asked by Jash Upadhyay on Aug 24, 2017
Latest reply on Sep 25, 2017 by Jay Guillette

Hi Team,

 

  1. My concern here is for RDP we do have two factor enabled. But if the user do access the path via ... \\SERVERXXX\C$ , then are there any means that we can enable two-factor for them? 
  2. Also an administrator can invoke these below from his desktop with Run As Administrator mode providing the Domain Administrator credentials to access the Domain services like          - Services.msc - to shutdown and start any server services

        - DSA.msc - to add delete users , computers in Windows AD
        - DNSMGMT.msc - DNS Management
        - DHCPMGMT.msc - DHCP Management
        - GPMC.msc - group policy editing
        - Web console based tools on SCCM management 

Can we protect this with two FA?

 

Regards

Jash Upadhyay

Outcomes