Lets say I have a NT domain called ntdomain and a XP notebook with a machine name of xpmachine and a login name of newuser.
Are the following statements correct?
I can login with newuser to either xpmachine or ntdomain and they are completely different logins with different desktops.
If I want to logon to xpmachine with the username newuser the username newuser has to exist on the local machine.
If I want to logon to ntdomain with the username newuser the username newuser has to exist on the NT domain.
If I only want to login to ntdomain then the username newuser does not have to exist on the local host.
So finally the questions?
If I logon with the username newuser to the domain ntdomain and the username newuser does not exist on the local domain I can still access the loca C: drive. I must have some sort of default rights, what are they.
Is this a security hole? Can I create a bogus NT/2K server connect this notebook logon to the new domain and see portions of the local harddrive not knowing any usernames or passwords of the local computer?