As system administrator I used two accounts in Windows XP.
One account has only user access and the other account was an Domain Admin
to manage the domain.
In Windows XP I was able to run explorer with my Domain Admin account and so
I could change NTFS rights on the file system.
In Windows Vista this seems not te be possible. I can elevate my user
account to domain admin. UAC will protect the local system but not the
servers.
Without any prompt I can connect to the share C$ without any prompt. If I
can do this without any prompt every script can do this.
Is there anybody that can tell me what the most secure way is to manage the
domain without switching users (one or two accounts)?
|
Similar Threads
Linear Mode
