Years ago, I was just starting out in tech. I was located at a remote facility compared to the rest of the company, and we had someone that was demanding domain administrator credentials. I kept telling them no and pointing them over to the people that controlled that access, but it was obvious that they would shoot the person down immediately.
Eventually, this person got their manager involved, along with my manager at the time, and both of them started saying that I should grant this access. I was so torn on it, and due to time and distance, I didn’t really feel like I had backup. Thankfully, I stuck to my guns and didn’t give out the access, but it just goes to show you how easily someone can be pressured into trying to give up privileged information like that.
So why is this such a big deal? So what if this random person had domain administrator credentials? What does that even mean anyway?
To explain that question, we first need to drill down into the different kinds of user accounts that Windows recognizes: local accounts, domain accounts and Microsoft accounts.
Local user accounts
In general, when we’re talking about anything “local,” we’re referring in context to an individual computer right in front of you — this local box exclusively. A local user account can be used on this particular machine and no others … with some practical exceptions. If you tried to log in with this particular login and password anywhere that those credentials hadn’t been explicitly set up, it would bounce back and say that isn’t a valid username and password combination.
Local user accounts can be divided into two broad categories: users and administrators. Normal users can log into the system, run most (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Kurt Ellzey. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/E7xMos9CCek/