On Tue, Oct 03, 2006 at 02:33:34PM +0530, crazy frog crazy frog wrote: > I doubt it will work on any windows OS. If a user is logged in as a > user who dont have admin rights then unplugging network cable does not > give him admin.
The hack seems to be the defaulting. You authentify as a user, but you do not let the system to get the full user profile from its domain controller. The bug suggested there is that, if the OS can authentify, but cannot setup the profile after succesfully authentifying, it would incorrectly place you as a local admin. Presumably because that's the only local account. I do suspect a combo of specific OS version, SP, AD/system config, and probably the account setup script that gets executed when you create a local version of the user environment, rather than a generalized system error. Most system will indeed keep a cached copy of the network profile, and default to it when unable to fetch the profile - I'm sure the sysadmins added fancy tricks to destroy any local profile once you've logged out, and the building of the account profile when you log in for "the first time" is where the drop to admin happens. -- Vincent ARCHER [EMAIL PROTECTED] Tel : +33 (0)1 40 07 47 14 Fax : +33 (0)1 40 07 47 27 Deny All - 23, rue Notre Dame des Victoires - 75002 Paris - France _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
