Learn Win XP Pro in 15 Minutes a Week: User Rights and User Privileges Page 4

By ServerWatch Staff (Send Email)
Posted May 23, 2003


[NOTES FROM THE FIELD] - It is important to note that with a little effort and the correct level of knowledge a user with Power User rights on a local system can elevate their privileges on that system to the point where they can operate with a level of administrative access.

Great care should be taken as to who is a member of this group and if that level of access is really necessary.

Members of the built in Remote Desktop Users group can remotely log on to another system via Remote Desktop Connection and Terminal Services. While this group actually has no user privileges on the local system by default they are able to log on remotely.

There are no user accounts in this group by default.

Members of the built in Users group can perform common tasks on the local Windows XP system and are allowed to use the local resources to which they have the proper permission rights to use. By default, the Domain Users, Authenticated Users, and Interactive groups are members of this group when the system is joined to the domain.

This makes any domain user account created a member of this group automatically at the time of the account creation.

Members of the built in Users group are granted the following User Privilege by default:

  • Bypass traverse checking.

Users added to the Network Configuration Operators built-in group have no default user privileges from their membership to this group but they are able to make changes to TCP/IP settings and renew and release TCP/IP addresses.

There are no user accounts in this group by default.

The built in Replicator< group is available to support replication functions on the local system. The only member of the Replicator group should be the specific domain user account used to log on the Replicator services of a domain controller. User accounts of actual users should not be added to this group.

There are no user accounts in this group by default and the group has no user privileges on the local system.

Well, that wraps up this section of "Learn Windows XP Professional in 15 Minutes a Week." I hope you found it informative and will return for the next installment. If you have any questions, comments, or even constructive criticism, please feel free to drop me a note. I want to write solid technical articles that appeal to a large range of readers and skill levels and I can only be sure of that through your feedback.

Until next time, best of luck in your studies and remember,



I used to think that "Legally Drunk" was the funniest oxymoron I had heard until I heard someone mention something about "Business Ethics."


Jason Zandri, MCT, MCSE, Security+ Certified Professional, Certified Information Systems Security Professional (CISSP), currently holds the position of Technical Account Manager at Microsoft Corporation and has worked as a technical trainer and consultant for a variety of corporate clients in Connecticut over the past six years. He is available to work on an independent contract basis for technical authoring and editing, including books, articles, and whitepapers as well as customized corporate training and Microsoft CTEC training.

Page 4 of 4


Comment and Contribute

Your name/nickname

Your email

(Maximum characters: 1200). You have characters left.