Re: Service running as Local system account Unable to map drive on ano



If kerberos auth is being used, you simply grant rights for the computer account from AD on the share and the file system. The security concern is that ANYTHING running as localsystem on the specific computer will have access to the share. For anonymous access you enable the null session share and set the ACL on the file system to everyone read or write depending on the access you want. The security concern here is anyone that knows to connect as anonymous will have that access.

--
Joe Richards Microsoft MVP Windows Server Directory Services
www.joeware.net


Phillip Windell wrote:
"Joe Richards [MVP]" <humorexpress@xxxxxxxxxxx> wrote in message
news:%23cEgSCyCGHA.2920@xxxxxxxxxxxxxxxxxxxxxxx
That is incorrect, this can be made to work. Localsystem will either
connect
anonymously or as the computer account depending on whether or not
kerberos auth
was used. Both can be used though there could be security implications
depending
on the data involved.

How do you go about doing that?

.