The sentence
"The Local System account... doesn't have
access to resources not on the local system,..."
is incorrect.
The Local System account acts as the computer on the network
and this is also true for the Network Service acount.
The Local Service account and the Network Service account
are subsets of the Local System account
as far as permissions are concerned.

############################################################
http://msdn.microsoft.com/en-us/library/ms684190(VS.85).aspx
LocalSystem Account
"It has extensive privileges on the local computer,
and acts as the computer on the network."
"The service presents the computer's credentials
to remote servers."
############################################################
http://msdn.microsoft.com/en-us/library/ms684272(VS.85).aspx
NetworkService Account
"A service that runs in the context of the NetworkService
account presents the computer's credentials
to remote servers."
############################################################
http://msdn.microsoft.com/en-us/library/ms684188(VS.85).aspx
LocalService Account
"It has minimum privileges on the local computer
and presents anonymous credentials on the network."
############################################################

Dimitrios11/19/2009 6:38:10 PM

Nice article about some basics in security. I was expecting some more advanced since security is the cover of the issue.

Take Care!

Marcos11/6/2009 7:19:22 AM

Great article. Appreciate your work in creating it. My lack of knowledge of "The Cloud" will show with my question...but here goes anyway. Will corporate or small business DBAs need to worry about this when the cloud technology is in full swing? Thanks again.

SEAN11/5/2009 3:42:08 PM