Hello Everyone,
We are in the process of collapsing 3 NT 4.0 domains into one Win2K AD domain. With this scenario I will have Administrators, Faculty and Graduate Student computers all in the same domain. Unfortunately, much of the software used by the Graduate students requires them to have full Admin access to their local computer.
Does giving local admin rights to a computer that is a member of the AD domain pose a security risk to my servers or other PC’s on the domain? Are thereany known exploits that will leverage local admin access into domain Admin access?
I know it sounds paranoid, but… 🙂
Thank you,
–Dave