Correct me if I'm wrong, but here is what I think of that :
A Domain user that is a Local admin of his workstation is different than
a Domain user which is Domain Admin.
Then, a local admin whose account is an AD account can run scripts *on
his local machine* in the name of the domain admin.
such as DNS servers (for this attack) and more.
Regards,
Jeremy Saintot
___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Here is a short analysis of the passwords chosen by myspace users,
that some guy has phished a few weeks ago.
The analysis is based on a list of 36700 user passwords. The
original file contained 56000+ lines, but I removed the blank passwords
and those that were 20+ characters length,