From: Chris Robinson 

If an admin is leaving his/her machine unlocked I'd be having words with
them.  You could also remove their logon from the admin group and have them
only logon as admin when they need to do specific tasks.

Chris.

"Richard B." wrote:

> On Wed, 23 Apr 2003 10:40:23 -0400, "Geo."
 wrote:
>
> >You run a domain? Just limit the user's ID to a specific machine, then he
> >can't logon anywhere else.
>
> I've done that. He'll go to a machine that's been left unattended,
> already logged in with the other person's password. I fixed the latter
> but I can't prevent him from doing the former, especially if I'm not
> here. He doesn't have file permissions to get to certain areas with
> his password, so he was using the admin's machine to do that.
>
> I could set up a filter with the old St. Bernard software to alert me
> to about any event I wanted, file access, app use, time of use, pretty
> much anything.
>
> - Richard

--- BBBS/NT v4.01 Flag-4