www.threatcode.com
Which vendor?
(please don't tell me a crappy accounting app?)
And there's typically ways around this to hack up the registry. We have
to say no to these vendors especially with Vista's UAC right around the
corner.
[EMAIL PROTECTED] wrote:
I’m definitely not wanting to do this – but a vendor was saying to do
it to allow one of their services to run as Local System and be able
to interact with another machine.
I am very skeptical, and not allowing it.
Thanks,
James
------------------------------------------------------------------------
*From:* [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] *On Behalf Of
[EMAIL PROTECTED]
*Sent:* Wednesday, July 05, 2006 5:54 PM
*To:* [email protected]
*Subject:* RE: [ActiveDir] OT: Computer Account in Local
Administrators Group
More directly - WHY are you looking to do this? What problem are you
trying to solve?
Sincerely,
_____
(, / | /) /) /)
/---| (/_ ______ ___// _ // _
) / |_/(__(_) // (_(_)(/_(_(_/(__(/_
(_/ /)
(/
Microsoft MVP - Directory Services
www.readymaids.com <http://www.readymaids.com> - we know IT
www.akomolafe.com <http://www.akomolafe.com>
**-5.75, -3.23**
Do you now realize that Today is the Tomorrow you were worried about
Yesterday? -anon
------------------------------------------------------------------------
*From:* joe
*Sent:* Wed 7/5/2006 9:12 AM
*To:* [email protected]
*Subject:* RE: [ActiveDir] OT: Computer Account in Local
Administrators Group
Ultimately, anyone with physical access to the remote PC will have Admin
rights over the PC in which you add the account to the admins group for.
Directly, anyone who can run anything as localsystem or networkservice will
have those rights.
--
O'Reilly Active Directory Third Edition -
http://www.joeware.net/win/ad3e.htm
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Wednesday, July 05, 2006 12:05 PM
To: [email protected]
Subject: [ActiveDir] OT: Computer Account in Local Administrators Group
What is the net effect of placing a remote computer account
(\\domain\computer_name) in the Local Administrators group?
Thanks,
James
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
--
Letting your vendors set your risk analysis these days?
http://www.threatcode.com
If you are a SBSer and you don't subscribe to the SBS Blog... man ... I will
hunt you down...
http://blogs.technet.com/sbs
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.activedir.org/ml/threads.aspx
