none
仅来宾限制 RRS feed

  • 问题

  • 当网络安全策略是仅来宾访问模式,用ipc$访问admin$,c$,以及at命令都是拒绝访问,这样的话即使已经得到了对方机子的管理员账号也无济于事,就像被堵在了大门外。

    而改成经典模式就可以了。

    如何在仅来宾模式下访问对方机子的admin$或能使用at命令不被拒绝?


    2016年1月30日 0:51

答案

  • Hi,

    "If this setting is set to Guest only, network logons that use local accounts are automatically mapped to the Guest account. By using the Guest model, you can have all users treated equally. All users authenticate as Guest, and they all receive the same level of access to a given resource, which can be either Read-only or Modify."

    根据组策略上这段描述,您可以尝试 将 guest 帐号加入到其他 比较高的权限组 当中看有没有变化 。

    另外,如果 可行的话,这个做法会带来安全问题,这些都在 组策略中已经明确 标示了:

    Important

    With the Guest only model, any user who can access your computer over the network (including anonymous Internet users) can access your shared resources. You must use the Windows Firewall or another similar device to protect your computer from unauthorized access. Similarly, with the Classic model, local accounts must be password protected; otherwise, those user accounts can be used by anyone to access shared system resources.

    另外这里是 SCOM 论坛,有关server 的问题您可以 发到这里:

    https://social.technet.microsoft.com/Forums/zh-CN/home?forum=windowsserversystemzhchs&filter=alltypes&sort=lastpostdesc

    Elton


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com .


    2016年2月2日 13:25
    版主