Re: Service running as Local system account Unable to map drive on ano
- From: "Joe Richards [MVP]" <humorexpress@xxxxxxxxxxx>
- Date: Tue, 27 Dec 2005 20:51:47 -0500
If kerberos auth is being used, you simply grant rights for the computer account from AD on the share and the file system. The security concern is that ANYTHING running as localsystem on the specific computer will have access to the share. For anonymous access you enable the null session share and set the ACL on the file system to everyone read or write depending on the access you want. The security concern here is anyone that knows to connect as anonymous will have that access.
-- Joe Richards Microsoft MVP Windows Server Directory Services www.joeware.net
Phillip Windell wrote:
"Joe Richards [MVP]" <humorexpress@xxxxxxxxxxx> wrote in message news:%23cEgSCyCGHA.2920@xxxxxxxxxxxxxxxxxxxxxxxThat is incorrect, this can be made to work. Localsystem will eitherconnectanonymously or as the computer account depending on whether or notkerberos authwas used. Both can be used though there could be security implicationsdependingon the data involved.
How do you go about doing that?
.
- References:
- Re: Service running as Local system account Unable to map drive on ano
- From: Joe Richards [MVP]
- Re: Service running as Local system account Unable to map drive on ano
- Prev by Date: Re: Internet explorer infected problem
- Next by Date: Re: Win98se KB 891711
- Previous by thread: Re: Service running as Local system account Unable to map drive on ano
- Next by thread: Re: Service running as Local system account Unable to map drive on ano
- Index(es):
Relevant Pages
|
