Can the user create another local account in server restrict mode?

[Freedomarch]

Hi guys,

I'm a new member. I have a problem about some of my client can have two user account in their machine even our server have restrict their action? How does it makes? And what can I do to control this case happen?

Thanks for concern. Have a nice day

[Disk_Contented]

Not sure how you mean when you say server restriction.
You can create more accounts on any machine if you have the rights. If they can circumvent the server restrictions, then your server, or the soft it runs has exploits or other workarounds these people have discovered.

[Freedomarch]

Thanks for ur kindly.
My panic is how does the client can login to the her own "user account" and admin/"THIS COMPUTER" account by key in the same ID & Password?


Example:

"Admin"
username: sum
password: $ab12$
log on to: pass123 (this computer)

the client account:
username: client
password: 1234
log on to: abc123

but the client aso can login by this:
username: client
password: 1234
log on to: pass123 (this computer)

May I know what issue will cause the client can login till like this way?
Is that the application problem or technically human fault?

[Disk_Contented]

All accounts but Admin should be a limited account.
There's no way anyone can get into the server as Admin unless they either have the Admin login and change things, Or they hacked, or they have a spy app/keylogger installed and stole the login.
I think if the server soft is out of date, exploits will exist that can do this sort of thing.

I would scan the whole server thoroughly looking for anything unusual. Keyloggers in particular.
Check the logs to see what connections have been made and where from.
Delete any extraneous accounts, check the account permissions.
Make sure everything is updated and the firewall is secure.
Have a word with your clients that false connections won't be tolerated.