RE: [ActiveDir] Local admin priviledges

[Thommes, Michael M.]

I think there is some fact missing here.  You need local admin privileges to see administrative shares (e.g., C$).  Just because you are an admin on your local computer, does not give you that same right on someone else’s computer.   Mike Thommes   -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rimmerman, Russ Sent: Tuesday, February 14, 2006 9:40 AM To: ActiveDir@mail.activedir.org Subject: [ActiveDir] Local admin priviledges   Well someone just realized that since all our users are local admins on their PCs that they can map to another users C$ share and see all their data.  They asked mgmt if they knew about that, and now of course, they're concerned about it.  It's been this way for years, but I digress.   SO, what is the general conscensus on giving users full ability to install/remove software at will, but not allowing them to map to other PCs c$ drives?  Make everyone Power Users instead?  Is there anything that they might lose from going from local admins to power users on their PCs besides this c$ mapping functionality? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ This e-mail is confidential, may contain proprietary information of the Cooper Cameron Corporation and its operating Divisions and may be confidential or privileged. This e-mail should be read, copied, disseminated and/or used only by the addressee. If you have received this message in error please delete it, together with any attachments, from your system. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~