-
May 24th, 2005, 09:11 PM
#11
Suppose you have two groups, "Workstation admins" and "Server admins", neither of which is in "Domain admins", hence they don't have control over Active Directory; neither of them has admin rights on any domain controller, and neither of which has admin privileges on the other group's machines.
If a workstation admin ever logs into a server, or vice versa, then that group can potentially gain the others' passwords. This is because, with local admin rights, you can take control of a machine remotely and use the other users' permission to do whatever your want.
Slarty
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|