su - Windows version
Having been a slightly more advanced Windows user for years, I learnt a brand new thing today. I was actually looking around for some information on some issues I'm facing at work but stumbled upon this and it's too good an issue to pass up for bloggin. Especially since I'm still very dry of ideas. ;-)
Now, in Linux and also Unix spin-offs, there has always been tighter security in the shape of user login. All users must log in to use the OS and different users have different rights and permissions. The usual best practice for advocated for security reasons is to use the system under a normal user account and change to superuser for administrative purposes. Linux has a simple way of changing to superuser, or any other user in fact, by calling the su function to switch user.
As for Windows, starting from Windows 2000 (I do not know about Windows NT as my experience does not include that), anyone who wants to use the OS must also log in. However Windows also provides the option to directly boot up and log in for a system with a single user. What I've always done is to create a single user on my system and assign it to the Administrators group. This is because I like to experiment and will keep changing settings and applications for which a normal user might not be able to do. Unfortunately that means my system is less secure since a 'superuser' will log in automatically on boot-up. It was rather troublesome to keep the single user as normal user because there was no easy way to temporarily change to a user with administrative rights to install applications and the like.
Now I have found my answer. Ironically from an institute of higher learning which I've always perceived as being full of theory and empty of practice. =P
Have a look at this topic to be found in the Indiana University, University Information Technology Services' Knowledge Base.
'In Windows 2000 and XP, what is the Secondary Logon service?'
I've seen this service in the list of services of my PC but never took the time to find out more about it. Always just left it there by default. Now I know.
Now, in Linux and also Unix spin-offs, there has always been tighter security in the shape of user login. All users must log in to use the OS and different users have different rights and permissions. The usual best practice for advocated for security reasons is to use the system under a normal user account and change to superuser for administrative purposes. Linux has a simple way of changing to superuser, or any other user in fact, by calling the su function to switch user.
As for Windows, starting from Windows 2000 (I do not know about Windows NT as my experience does not include that), anyone who wants to use the OS must also log in. However Windows also provides the option to directly boot up and log in for a system with a single user. What I've always done is to create a single user on my system and assign it to the Administrators group. This is because I like to experiment and will keep changing settings and applications for which a normal user might not be able to do. Unfortunately that means my system is less secure since a 'superuser' will log in automatically on boot-up. It was rather troublesome to keep the single user as normal user because there was no easy way to temporarily change to a user with administrative rights to install applications and the like.
Now I have found my answer. Ironically from an institute of higher learning which I've always perceived as being full of theory and empty of practice. =P
Have a look at this topic to be found in the Indiana University, University Information Technology Services' Knowledge Base.
'In Windows 2000 and XP, what is the Secondary Logon service?'
I've seen this service in the list of services of my PC but never took the time to find out more about it. Always just left it there by default. Now I know.
0 Comments:
Post a Comment
<< Home