Just like your user account has rights and permissions to resources, so do computer accounts. And it depends on the credentials being passed. So if the computer credentials are being passed to some process and that computer account has permissions or rights, it will authenticate successfully.
Chris Bodnar, MCSE Sr. Systems Engineer Distributed Systems Service Delivery - Intel Services Guardian Life Insurance Company of America Email: [email protected] Phone: 610-807-6459 Fax: 610-807-6003 _____ From: [email protected] [mailto:[email protected]] Sent: Monday, June 22, 2009 3:50 PM To: NT System Admin Issues Subject: I should know this, but I don't.... If I add a machine to a group (say, my SMS server as a local admin to my desktop), what am I exactly enabling? Accounts logged in as "Local Service" to interact with my machine? Does it mean anyone logged onto that machine would have local admin rights to my PC? I'm thinking no, but I wouldn't bet my security on it. This is where my knowledge of NT security gets a little fuzzy. David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ----------------------------------------- This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
