Way to Grant Access to Local System Account to NETLOGON Share?
As my title suggests, I’m trying to Grant Access to Local System Account to NETLOGON Share without opening the share to anonymous users. I need to do this because the local System accounts on our servers to run a script in the NETLOGON share on the DC's. So, I would like to know if there is any method (without opening the share to anonymous users) to rant access to the local System account on our member servers to the NETLOGON share? If yes, please let me know how.
Thank you very much.
Re: Way to Grant Access to Local System Account to NETLOGON Share?
Well what you can do as of now is add a permission using the kind of trustee: DOMAIN\SERVERNAME$. in order to grant access to all computers except DC, useDOMAIN\Domain Computers.
RE: Way to Grant Access to Local System Account to NETLOGON Share?
I dont think it is possible because the local System account is just local and only local SAM on the server knows about it. hence you wont be able to include it in a ACL on a different server. By the way what is the reason which prevent you using a domain account to run the scripts?