|
Posted by djc on September 11, 2006, 10:41 am
Please log in for more thread options thanks for the info. Its appreciated.
> Your local creds depend on whether or not you asked for a network auth or
> a local auth. The default for runas is local auth, you get network by
> using /netonly. It is the opposite if you use cpau, you get a network auth
> by default and a local auth only if you specify /lwp or /lwop.
>
> When you do a network auth, the new process is spawned locally with the
> current creds and any network access is with the new creds. When you do a
> local auth, everything is done under the new creds.
>
> As to your specific questions.
>
> If a network auth, then notepad is running locally as UserA but when it
> attaches to a remote resource as UserB.
>
> If a local auth, it will be running as UserB and attach to remove
> resources as UserB.
>
> In neither case will local networked drive letters be available to it for
> use.
>
>
> --
> Joe Richards Microsoft MVP Windows Server Directory Services
> Author of O'Reilly Active Directory Third Edition
> www.joeware.net
>
>
> ---O'Reilly Active Directory Third Edition now available---
>
> http://www.joeware.net/win/ad3e.htm
>
>
> djc wrote:
>> lets say I'm logged in as userA, I launch a command prompt using runas
>> with credentials of userB, then from that userB command prompt I launch
>> an applications such as notepad.exe.
>>
>> Is notepad.exe still running in the security context of userB? So if I
>> went File > Open from notepad would I be able to access network
>> resources, namely folder shares, with userB's credentials?
| 
XML Sitemap