Re: domain access control for local user of domain computer?
- From: "Roger Abell [MVP]" <mvpNoSpam@xxxxxxx>
- Date: Wed, 9 Apr 2008 05:20:31 -0700
"geekyguy" <geeky@xxxxxxx> wrote in message
news:u3r5Q9clIHA.2396@xxxxxxxxxxxxxxxxxxxxxxx
Hi All: I have a server 2003 domain with some member servers and client
computers.
My desktop is Vista, and the computer is part of the domain. I'm logging
on to the desktop as a local user, not a domain user.
I have a shared folder on the DC, with modify permissions for domain users
and read only permissions for everyone.
I can access the share when logged into my desktop computer under a local
account, but I can't write files to the share.
Is there any way to grant my local Vista user account write privileges to
the domain share, without giving "modify" permissions to "everyone"?
No, not really, but kind of . . .
Access control is based on the principals to which the
access is granted. This can only be done/given to known
principals. To your domain the local account is unknown.
So really, no, you cannot grant to that local account.
However, if you define a domain account that matches in
name and password the local account then things might
work for you, maybe, if your client behaviors allow for
Windows authentication to happen under the covers.
When you have a domain it is better to just use domain
accounts on the joined machines, which solves your
posted issue and solves problems with keeping account
passwords sync'd if you go the matching account route.
Roger
.
- References:
- domain access control for local user of domain computer?
- From: geekyguy
- domain access control for local user of domain computer?
- Prev by Date: Re: Delivering certificate not in the same domain name ?
- Next by Date: Re: Specific permission to add new contacs
- Previous by thread: domain access control for local user of domain computer?
- Next by thread: Specific permission to add new contacs
- Index(es):
Relevant Pages
|
