I have had this disturbing experience with Windows Live Account(s) and ‘Microsoft Configuration Management’.
Based on the below, I can conclude that permissions granted to one Microsoft Live account were automatically – and without my specific acceptance – transferred to another Microsoft Live account in a way that allowed the wrong account to access confidential files on a Microsoft Configuration Management site. This worries me BIG TIME and I would appreciate some answers.
Facts:
My OS and Microsoft Office 2013 were recently installed and are activated under Microsoft Live Account (1). I also have a Microsoft Live Account (2), which is not identical to Account (1).
What happened:
A company I am doing consultant work for has created a Microsoft Configuration Management site to share sensitive documents. They have granted me access using Microsoft Live Account (2). They do not know about Microsoft Live Account (1).
I get an e-mail (Auto-generated by Microsoft Configuration Management) with a link to the web-site from where the confidential files could be accessed.
I logged in using my Account (2) credentials. I downloaded a few files and logged off.
Later I log in using Account (2) credentials. This time my account is rejected with the message that ‘another account has already been accepted for access to this site’.
I checked the permissions with the company. They reconfirm that access is granted to Account (2).
For some reason I then logged on using Account (1) credentials (to which no access is granted!). I was very surprised to experience that I was granted access to the confidential files.
I re-checked with the company. They re-confirmed that only Account (2) was granted access on their end.
However, in order to do my job for the day, I logged on several times using Account (1).
What then happened:
Today my first logon using Account (1) credentials is rejected with the message: ‘You need access rights to enter this site’.
My Account (2) credentials are also rejected, but with the message ‘Another account has already accepted for this site’.
My second logon using Account (1) credentials is – BINGO – accepted! Not only once, but several times? I can open and download documents etc.
I do have some questions:
Why does Microsoft Configuration Management allow an unauthorized account [Account (1)] access to a confidential file share?
If this is by design, why does Microsoft Configuration Management behave inconsistently about it? (‘You need access to enter’, and then minutes after ‘I am granted access’).
Is it true that Microsoft auto-transfers access rights granted to one Microsoft Live Account to another – without specific approval from me?