What security token is used when using UNC path remotely under domain admin context?

5 pts.
Windows 7 security
I came across what I deemed a strange behavior while trying to automate a file copy on Windows 7. Perhaps someone could shed some light. Environment: Windows 2008 domain with Windows 7 clients. Scenario and facts: Goal is to copy/replace a single file in the Default profile. Because of newly implemented security configuration on the Default profile folder in Win 7 even the local admin is denied permission to override anything under that folder; not unless the copy operation is being executed under the elevated admin security token or (from my research) under the local SYSTEM account’s security context. This behavior is true when the copy operation is executed locally using either the UNC path or standard path. However the copy/override operation succeeds when it originates from a remote Windows 7 machine via UNC path (ex: \TargetWin7C$UsersDefault...TargetFolder) and this copy operation is executed using the Domain Admin account under standard, non-elevated token (note: Domain Admin account is a Local Admin on the target PC). All of the above is true when using any CLI or programmatical approach – ex: xCopy, VBS FileSystemObject.copyFile method. Question: What is the difference between executing the operation locally and doing so remotely in this case? It seems that when doing it over the network the session is treated as being with UAC “HIGHEST Privileges”. Note: THis is not a question about the missing "Copy To" button in the Profiles of Windows 7. The Default Profile is used as example - I'm only interested in the security aspect of the above.

Software/Hardware used:
Windows 7, Windows 2008 Domain

Answer Wiki

Thanks. We'll let you know when a new response is added.

Basically when you access files remotely UAC is bypassed. The UAC on the location system that your copy process is running on doesn’t know if UAC is supposed to be enforced on the remote file system and even if it did, it wouldn’t know if the files that you were looking at were supposed to be protected by UAC or not as that isn’t the local system.

Discuss This Question: 1  Reply

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • The Most-Watched IT Questions: November 8, 2011 - ITKE Community Blog
    [...] A member runs into an odd security behavior with Windows User Access Control. MrDenny provides an [...]
    0 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: