Subtitles of the Movie

As we wrap things up in this chapter on security we need to talk about the principle of least privilege. And the principle of least privilege is not a utility, it's not an application, it's not a button that you push, it's not a setting that you configure in a group policy object. Rather it is a security guideline that states this, a user should have the minimum privileges they need in order to perform a specific task. And this helps ensure a couple of things. It helps ensure that if a user is comprised the impact that, that compromised user won't be able to do much damage and the impact is minimized because of the limited privileges that that user has. It also prevents a user who might not be the most knowledgeable user from poking around and getting into things and destroying things that they should not. Like someone decides that they know where the registry is now, and they want to start editing the registry on their computer to change the desktop rather than go through control panel. Well or maybe just you don't want people to get in the control panel. Least privilege says you can't get in the registry you can't get into the control panel with a normal user account. And in real world networks those types of users probably end up doing more damage than the really malicious hacker types of users as far as putting a dollar figure on it. The keys to the principle of least privilege are run as command and the secondary logon service. The run as command lets a normal user run a utility or an application in the context of another user account, without having to logoff and in fact Microsoft recommends that even if you're an administrator, you should use the computer, you should work on your Excel spread sheet, or check your outlook email in the context of a normal user account and then if you need to do something like modify a user in Active Directory users or computers, you right click and then from the context menu choose run as. Given the dialog box here, do you want to run in the context of the currently logged on user? Now never mind what I just said, of course my recommendations aren't going to apply to me, they only apply to you as someone who is a test candidate. I can do whatever I want by golly it's my computer. But nevertheless I should be logged on as a normal user here and then choose a following user. Here is where I put the run as to use. I run a program Active Directory users and computers in the context of another user account. And notice here that I can change the domain so if I'm in a forest, I can run something as the enterprise administrator for example. That is the run as command at least from the graphical interface. There's also a run as command from the command line and it looks like this. It's run as and then from the command line you would type run as, and then the forward slash and the user and you type in the UPN the User Principle Name of the user, user at domain and then the next thing is that you put the path to the utility. Not really important to look at an actual example of the syntax but rather just be able to recognize run as is the command line utility of run as. Both of these rely on the secondary logon service. So we ever have problems with implementing this or using run as make sure that the secondary logon service is running. This should be configured to start automatically. However under programs administrative tools open up your services MMC and down in this list under the S's is secondary logon service So right now it is started, it's startup type is automatic, you can investigate the properties here but again it should be started automatically. So with the secondary logon service and with proper use of the run as command you implement the principle of least privilege.