On 10/12/07, Jeff Wright <[EMAIL PROTECTED]> wrote: > > We use ADmitMac, since our network is a Windows Active Directory domain. > Not the most reliable of apps, but it allows the Mac users to authenticate > to the network and Windows servers transparently. > > If there is a way to access a Mac over the LAN using root (or similar) > privileges on a Windows network without using a local account, I'm all > ears. >
Jeff, When you log onto a computer, you need to authenticate yourself (so the computer system can know who you are) and establish credentials (so the computer system can enforce the appropriate access controls, give out the right privileges, etc.). Even Windows sort of works like that. It is a basic security concept. If you have an enterprise level system to provide user credentials, you clearly don't need local user accounts to do that for you. This is also a basic security concept. Again, even Windows more or less allows for that. If you don't have time to read the ADmitMac documentation, you could Google or just skim through their product web pages. For example, (http://www.thursby.com/products/admitmac.html) "Administrators can choose to give domain members administrative privileges based on their username or domain group membership." and "Administrators can give administrative privileges to the user specified as the Macintosh's manager in the domain's computer records. " This means that using the product you already have, you can designate how you want to give out admin privileges - there are multiple ways. Most of them have nothing to do with the local username. -- John DeCarlo, My Views Are My Own ************************************************************************ * ==> QUICK LIST-COMMAND REFERENCE - Put the following commands in <== * ==> the body of an email & send 'em to: [EMAIL PROTECTED] <== * Join the list: SUBSCRIBE COMPUTERGUYS-L Your Name * Too much mail? Try Daily Digests command: SET COMPUTERGUYS-L DIGEST * Tired of the List? Unsubscribe command: SIGNOFF COMPUTERGUYS-L * New address? From OLD address send: CHANGE COMPUTERGUYS-L YourNewAddress * Need more help? Send mail to: [EMAIL PROTECTED] ************************************************************************ * List archive at www.mail-archive.com/computerguys-l@listserv.aol.com/ * RSS at www.mail-archive.com/computerguys-l@listserv.aol.com/maillist.xml * Messages bearing the header "X-No-Archive: yes" will not be archived ************************************************************************
