1
While pruning the $Recycle.bin
folder on a Server 2008 system, I found that there were two folders for domain users that don't have remote desktop privilege to that server.
This puzzles me as to how these folders came to be. If they did not have remote login permission, how did they send files to the Recycle Bin? Any file they deleted from a network share should not have gone to the server's Recycle Bin and permanently deleted instead.
These users never had remote desktop access to this box, AFAIK, so these aren't some old Recycle Bin files that they created while they had remote access, and then later had that privilege removed.
1Perhaps they didnt log on remotely? Look at the folders/files last modification date... That might give you a clue – Keltari – 2013-05-15T21:56:27.167