• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

If I remotely remove someone's admin access to a machine while they're logged in...

If I am not mistaken, the local permissions on the machine will not take affect until they log out and back in since they only authenticate one time, but the domain permissions will take affect immediatly since you authenticate per resource or request.
 
Originally posted by: Kappo
If I am not mistaken, the local permissions on the machine will not take affect until they log out and back in since they only authenticate one time, but the domain permissions will take affect immediatly since you authenticate per resource or request.
Click to expand...

I think you're confusing permissions and group membership. If you remove someone from the local administrators group, they will have administrative access until they log off. If you remove someone from the domain admins group, you'll have the same result: the user will still be an admin until they log off and log back on to rebuild their token. That's group membership.

Now look at file permissions. If you remove a group from access to a share while a user in that group is logged on, they will be denied access to the share the next time they access it. No need to log off.

 
You must log in or register to reply here.

TRENDING THREADS

Back
Top