windows domain question

From: Mike Coppins (mike@legolas.com)
Date: 04/18/02


Date: Thu, 18 Apr 2002 17:46:26 +0100
To: focus-ms@securityfocus.com
From: Mike Coppins <mike@legolas.com>

If you connect a machine to a Windows domain, so things like SIDs change,
machine IDs synchronised, etc, and then disconnected, what happens exactly?
Does the node that gets disconnected generate a new machine SID or does
information get left behind on the node?

Putting the question into a scenario might help :) If a laptop (NT4 or
Win2k) is connected to a domain, then is removed from the domain (as in, an
admin goes into network properties and tells the machine that it is part of
a bog standard workgroup again, is the laptop going to retain any
information that it belonged to a domain before, and possibly security
sensitive information about the domain?

-- 
Mike Coppins
mike@legolas.com
http://www.legolas.com/
Currently looking for work: http://www.legolas.com/mikes/cv.html