Computer account authentication

system 2011-06-01 21:56:08 UTC #1

(imported topic written by cstoneba)

We need to run files from a remote fileshare, and the ‘null share’ isn’t an option due to security restrictions. Another product we use has this ability to connect to remote fileshares, however it first tries to authenticate as the local system account (same as bes), second it tries to connect as the AD computer account of the endpoint, which seems to work.

Is this an option within BigFix?

BenKus 2011-06-02 11:05:54 UTC #2

(imported comment written by BenKus)

Can you use RunAsCurrentUser?

How does your other product store the AD credentials used to contact the remote server?

Ben

system 2011-06-02 17:01:55 UTC #3

(imported comment written by cstoneba)

We can’t assume that there is always a user logged into the server, so I don’t think runascurrentuser would work. I’m not sure how the other product does it, but I just know it does.

If first tries to authenicate as system, then the computer account, and if those don’t work, you can specify AD credentials. It’s a MS product, maybe someone else knows. However it does it, would be very useful if bes did it.

system 2011-12-08 21:13:32 UTC #4

(imported comment written by SystemAdmin)

Could the computer account be set up in AD to allow delegation? Would that work? See attachment.

How about computer certificates?

In any case, having an authentication mechanism without relying on anyone being logged on would be huge. RunAsCurrentComputer.exe anyone …

system 2011-06-06 19:17:50 UTC #5

(imported comment written by SystemAdmin)

Hi All,

I know this is not the right place for my question but still I’m asking as I am new to this forum and don’t know how to start new thread.

My question is: I am using evaluation version and not seeing all the features in console which have been mentioned in documentation. is there any difference of features in evaluation and production versions or customization is needed to view full features?

Thanks,

Faraz