4 Replies Latest reply on Jul 2, 2012 3:08 AM by r4f

    Scanning for disabled accounts

      Hello all, Does anybody know if McAfee Foundstone VM has a default template for listing local enabled administrative account? If no, do you know if there is a SCAP contents to load that perform thisscan?

       

      Thanks in advance,

      R.

        • 1. Re: Scanning for disabled accounts

          Sorry I don't know of any scripts that do this...

          1 of 1 people found this helpful
          • 2. Re: Scanning for disabled accounts

            Thank you CGrim. Even if we need the only enumeration of enabled accounts (admin and simple users) we can't use Foundstone?

            • 3. Re: Scanning for disabled accounts

              Hi r4f,

               

              Oh, well you might be able to use:

              Windows/Miscellaneous/Enumerate Administrator users

               

              for logged on users:

              Windows/Miscellaneous/Report Current Logon users on Windows (bad grammer!)

               

              Get the user profiles off the host:
              Windows/Miscellaneous/Windows User Profiles

               

              I hope that helps!
              Cathy

              • 4. Re: Scanning for disabled accounts

                Sorry Cgrim (thanks for your attention), i don't need the list of logged on users, but only the list of accounts that are not disabled.

                 

                We have to reclaim all the unnecessary administrative accounts. By execution of these template, we have the list of all admin accounts on a windows host:

                 

                • Windows/Miscellaneous/Enumerate Administrator Users
                • Windows/Miscellaneous/Display All Detected Local Users andGroups on a Windows Host

                 

                This enumeration however, lists also the disabled accounts.

                We know that other VA instruments has this feature: is there a script to import on Foundstone that can help us?

                 

                Thank you.
                R.