Hey Steven,
Thanks for the reply. Please see inline for a clarification questions. You
also replied to a different issue I had with regard to misinformation with
this same book. I don't know why I'm still reading it.
Steven L Umbach said:
You are correct. Account logon events are recorded on the computer that
authenticates the user
(ok.. yep) - domain controller for domain user and local
computer for local account
(ok.. yep.. still with you). Logon events are recorded when a user accesses
a
(A: with you but with question; see below) or logs onto a domain computer
(B: this is where I need clarificaiton: what exactly do you mean by 'logs
onto a domain computer'?). --- Steve
A: where would this type be logged? in the security log of the system
running the server.exe service?
B: what constitutes logging on to a domain computer in this context? opening
up a mapped drive? navigating through network neighborhood to a server
share? using a UNC path to a server share? When I read your response I feel
like I'm with you all the way until this last part really, because 'logs
onto a domain computer' sounds like a ctr+alt+del interactive login to me.
I know, I'm hard headed... but I appreciated your help. I will read the
links you provided as well. Thanks.