RE: W2K Domain SelectionFrom: Massimo Ciscato (email@example.com)
- Previous message: George Serban: "PIX syslog analyser"
- Maybe in reply to: David Giacchetta: "W2K Domain Selection"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Massimo Ciscato <firstname.lastname@example.org> To: 'Fab Siciliano' <email@example.com>, Raoul Armfield <firstname.lastname@example.org> Date: Mon, 14 Jan 2002 15:18:37 +0100
Guys, this thread is a bit confusing.
What kind of domain are you talking about? NT or 2000/ActiveDirectory?
I guess NT, since you talk only about one NT server.
In that case, is the NT server a PDC (Primary Domain Controller)? I guess
If yes, have you registered your workstations in that domain?
In that case you can login on the domain, with the login you have created on
the PDC, and the user will have the privileges you grant him on the PDC
(regular user, power user, Domain Admin, etc.).
If you login on the local machine then things change.
Mind that the user on the domain and the one on the workstation are not the
For example if you have a domain called MYDOMAIN and a workstation called
WORKSTATION and one user called John, then the two users
are two different users, each with his own set of rights.
Also, domain administrators have administrator rights on all machines, the
opposite is of course not true.
It gets more complex if you involve more domains which you want to trust.
I have had a few headaches about this stuff before, so if you need help just
drop me a mail with some more details about what you want to achieve.
From: Fab Siciliano [mailto:email@example.com]
Sent: Thursday, January 10, 2002 7:13 PM
To: Raoul Armfield
Cc: 'Andrew Jones'; 'David Giacchetta';
Subject: RE: W2K Domain Selection
That probably depends on whether the 2 domains have a trust relationship
established. Then...the "admin" can have the same rights on both domains.
On Wed, 9 Jan 2002, Raoul Armfield wrote:
> Do you mean least restrictive rights if so yes they take precedence
> however one domain is independent on rights on aother domain. For
> instance if on domain A you have admin rights and on domain B you
> have user rights, you cannot accomplish administrative tasks on
> Domain B eventhough you have admin rights on domain A.
> Raoul Armfield
> > -----Original Message-----
> > From: Andrew Jones [mailto:Andrew.Jones@meggitt.demon.co.uk]
> > Sent: Tuesday, January 08, 2002 12:27 PM
> > To: 'David Giacchetta'; firstname.lastname@example.org
> > Subject: RE: W2K Domain Selection
> > would I be right in thinking that the lowest rights on a
> > domain take precedence, so, if you have lower rights on one
> > of your domains then they will take over any other rights.
> > Just my $0.02
> > Andrew Jones
> > Technical Advisor
> > Meggitt Petroleum Systems
> > Tel +44 (0)2476 697417 Ext. 40
> > Fax +44 (0)2476 418210
> > Andrew.Jones@meggitt.demon.co.uk
> > > -----Original Message-----
> > > From: David Giacchetta [SMTP:email@example.com]
> > > Sent: Monday, January 07, 2002 2:05 PM
> > > To: firstname.lastname@example.org
> > > Subject: W2K Domain Selection
> > >
> > > Hi Folks
> > >
> > > I ve seven domains in my wan, and also workstations are
> > w2k, the big
> > > question is this, WHY?? when i selected the local domain in the
> > > workstation, example.. (the domain of the machine), in the
> > login,,,,
> > > ALL the Rights works
> > > better, but if i selected another domain, ex... a domain
> > NT4 Server, the
> > > user dont get all yours right...
> > > If a user have a Administrator Right when are login in a
> > local domain, but
> > > when it login over a NT4 domain this user have a simple
> > right......?????
> > > Of course, the right over de network works good... the
> > problem is in the
> > > machine....
> > >
> > > Sincurely Yours
> > >
> > > Luciano
> > >
> > >
> > >
> > >
> > >
> > > _________________________________________________________
> > > Do You Yahoo!?
> > > Get your free @yahoo.com address at http://mail.yahoo.com
> gpg: Warning: using insecure memory!
> gpg: Signature made Wed 09 Jan 2002 01:18:27 PM EST using DSA key ID
> gpg: Can't check signature: public key not found
-- -- Fab Siciliano Networks and Security Optium Corporation Tel.215.712.6200 Fax.215.712.7448 http://www.optiumcorp.com --