Accessing files across a network using the SYSTEM account

networking filesystems powershell user-accounts sccm
18,479

Solution 1

LocalSystem account

  • Name: .\LocalSystem (can also use LocalSystem or ComputerName\LocalSystem)
  • the account has no password (any password information you provide is ignored)
  • HKCU represents the default user (LocalSystem has no profile of its own)
  • has extensive privileges on the local computer
  • presents the computer's credentials to remote servers

Completely trusted account, moreso than the administrator account. There is nothing on a single box that this account can not do and it has the right to access the network as the machine (this requires Active Directory and granting the machine account permissions to something).

Source/More info at this StackOverflow answer: https://stackoverflow.com/a/510225/225906

Solution 2

By adding 'Domain Computers' to the files permissions list, I am able to allow the System Account to access the file, and use the permissions assigned to Domain Computers.

Share:
18,479
Random206
Author by

Random206

I am a System Administrator at a high school in Brisbane, Australia. I mainly use this website to find information about scripting in regards to Batch Files and sometimes VBS. I don't know everything, and I don't expect people to tell me everything, however I am grateful for the information you are able to supply, and I will do my best to help you back were possible. Thanks, Toby

Updated on September 18, 2022

Comments

  • Random206
    Random206 over 1 year

    I'm not sure if I am asking this in the right spot or not, sorry if I am wrong.

    I would like to know please, SCCM is currently operational in our school, and we use it to install software across our network.

    I have a piece of software that requires a different channel for each room or staff laptop that it is installed in.

    I have managed to set up a powershell script that polls a csv for the channel that should be assigned to each room, and when the script it run, it pulls that channel and installs the software with that channel assigned.

    What I am having trouble with now, is that SCCM installs the software using the local system account, and the csv is located on a network share. When the System account goes to poll the csv file it gets an access denied error, even though System has full control of the csv and directory that the csv is located in.

    Is it just me not understanding the permissions that System has, or can System not interact with other devices over the network, I assumed that being system on both devices, it would be able to cross to another device and impersonate system on that device.

    Is there a way around this?

    Thanks for any feedback.

    • Patrick Seymour
      Patrick Seymour over 9 years
      Just out of curiousity... LanSchool?
    • Random206
      Random206 over 9 years
      Yes Patrick, correct, haha, good guess, are you having issues also?
    • Patrick Seymour
      Patrick Seymour over 9 years
      No, but we use it in a VDI environment, not on real computers.
  • Random206
    Random206 over 9 years
    So if I were to add 'everyone' with read/write permissions to the particular files, I would be able to access it using the System Account?
  • Jon Marnock
    Jon Marnock over 9 years
    Don't do that :)
  • Jon Marnock
    Jon Marnock over 9 years
    Or a local account on each computer, though that's more management and harder to repudiate if there's a security problem.
  • Random206
    Random206 over 9 years
    No it's OK I have added Domain Computers to the permissions list, and assigned that Read/Write permissions.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Best Way to Transfer Large Files in Windows
Is there a way to switch user from powershell or cmd?
Retrieve SCCM collection membership via PowerShell
Users and Groups management on 7 Home Premium
how to connect Cisco AnyConnect Secure Mobility Client VPN using batch script or shell script in windows
External IP of Internal Server
How to reset TCP/IP on Windows 8.1?
Command Prompt - Accessing "Access is Denied" folder
Windows 10 Force NIC into Promiscuous Mode
How can I rename a Windows Vista user account?