Well-known security identifiers in Windows operating systems (http://support.microsoft.com/kb/243330) does not include SYSTEM among the name of well-known SIDs While "LOCAL SYSTEM" is among them My Windows XP Pro SP3 (workgroup , with .NET 2.0, 3.5, 4.0, MS SQL Server 2008 R2 Trial (developer) installed), has SYSTEM but not "LOCAL SYSTEM". Why? Also, all docs, forum discussion are around "LOCAL SYSTEM". How should I read/understand "LOCAL SYSTEM" in context of my Windows XP Pro SP3?

On Mon, 9 Aug 2010 13:09:25 +0000, vgv8 wrote: Well-known security identifiers in Windows operating systems (http://support.microsoft.com/kb/243330) does not include SYSTEM?among the name of well-known SIDs While "LOCAL SYSTEM" is among them My Windows XP Pro SP3 (workgroup , with .NET?2.0, 3.5, 4.0,?MS SQL Server 2008 R2 Trial (developer) installed),??has SYSTEM but not "LOCAL SYSTEM". Why? Also, all docs, forum discussion are around "LOCAL SYSTEM". How should I read/understand?"LOCAL SYSTEM" in context of my Windows XP Pro SP3? As an FYI this group is for discussions concerning Windows Server security, not Windows client security. Windows XP questions really don't belong here. Paul Adare MVP - Identity Lifecycle Manager http://www.identit.ca

1) I have Server service running on my Windows XP Pro, as well as NetworkingServices packs + Management and Monitoring Tools Basically, I use all the same servers only for 1-3 users environment, 2) my questions are more related to Windows networking. This windows networking environment is more in context of Windows server than (isolated) desktop Can you advise me Windows workgroup networking inside AD domain forum?

Well-known security identifiers in Windows operating systems (http://support.microsoft.com/kb/243330) does not include SYSTEM among the name of well-known SIDs While "LOCAL SYSTEM" is among them My Windows XP Pro SP3 (workgroup , with .NET 2.0, 3.5, 4.0, MS SQL Server 2008 R2 Trial (developer) installed), has SYSTEM but not "LOCAL SYSTEM". Why? Also, all docs, forum discussion are around "LOCAL SYSTEM". How should I read/understand "LOCAL SYSTEM" in context of my Windows XP Pro SP3? System is well-known SID. From your provided link: SID: S-1-5-18 Name: Local System Description: A service account that is used by the operating system.http://en-us.sysadmins.lv

On Mon, 9 Aug 2010 13:57:02 +0000, vgv8 wrote: 1) I have Server service running on my Windows XP Pro, as well as NetworkingServices packs + Management and Monitoring Tools All Windows clients have a server service, that's what allows for file and printer sharing, it doesn't make them a Windows Server OS which is the purpose of this forum. Basically, I use all the same servers only for 1-3 users environment,? 2) ?my questions are more related to Windows networking. This windows networking environment is more in context of Windows server than (isolated) desktop ?Can you advise me Windows workgroup networking inside AD domain forum? There is no such thing as "workgroup networking inside AD domain". You're either a domain member or you're not. Paul Adare MVP - Identity Lifecycle Manager http://www.identit.ca

All Windows clients have a server service, that's what allows for file and printer sharing, it doesn't make them a Windows Server OS which is the purpose of this forum. Where is it written that this forum is for Windows Server OS? All I could find tell only about Windows Server Besides, what is the sense of servers without clients?

"Where is it written that this forum is for Windows Server OS?" At the Top - http://social.technet.microsoft.com/Forums/en-US/category/windowsserver "All I could find tell only about Windows Server" Windows Server & XP are to OS what dog's & cat's are to Mammals.

Should I understand this ranting that well-known SIDs differ in server Windows OS from those in XP?

Should I understand this ranting that well-known SIDs differ in server Windows OS from those in XP? no. They are the same in both, server OSs and desktop OSs.http://en-us.sysadmins.lv

Should it be understood that Windows workgroup computer has single-sign-on to domain computer (and vice versa) as soon as passwords of local Guest or Administrator account are the same between domain and workgroup Windows? I did not understand what is the sense in calling LocalSystem by SYSTEM account and vice versa. I shifted the discussion to http://serverfault.com/questions/168752/windows-localsystem-vs-system

no, because (as Paul said) workgroup haven't secure channel.http://en-us.sysadmins.lv

no, because (as Paul said) workgroup haven't secure channel. http://en-us.sysadmins.lv As I understood from http://blogs.msdn.com/aaron_margosis/archive/2009/11/05/machine-sids-and-domain-sids.aspx a secure channel is established with AD machine account which is adDed during the process of joining the computer to domain. The built-in local accounts are not being used for this and they do not differ between the joined and non-joined to domain computer. So, what is the problem of their use for insecure communication and SSO between domain and workgroup computers? ny making the same passwords on built-in common Guest or Administrator account?

On Tue, 10 Aug 2010 22:43:09 +0000, vgv8 wrote: As I understood from http://blogs.msdn.com/aaron_margosis/archive/2009/11/05/machine-sids-and-domain-sids.aspx?secure channel is established AD machine account which is aded during the process of joining the computer to domain. The built-in local accounts are not being used for this and they do not differ between the joined and non-joined to domain computer. So, what is the problem of their use for insecure communication and SSO between domain and workgroup computers? Without providing any context in your question it really doesn't make any sense. What exactly are you trying to accomplish here? Paul Adare MVP - Identity Lifecycle Manager http://www.identit.ca

On Mon, 9 Aug 2010 13:09:25 +0000, vgv8 wrote: Well-known security identifiers in Windows operating systems (http://support.microsoft.com/kb/243330) does not include SYSTEM?among the name of well-known SIDs While "LOCAL SYSTEM" is among them My Windows XP Pro SP3 (workgroup , with .NET?2.0, 3.5, 4.0,?MS SQL Server 2008 R2 Trial (developer) installed),??has SYSTEM but not "LOCAL SYSTEM". Why? Also, all docs, forum discussion are around "LOCAL SYSTEM". How should I read/understand?"LOCAL SYSTEM" in context of my Windows XP Pro SP3? As an FYI this group is for discussions concerning Windows Server security, not Windows client security. Windows XP questions really don't belong here. Paul Adare MVP - Identity Lifecycle Manager http://www.identit.ca SQL Server Support on Windows XP x64 states: "Basically, Windows XP x64 is really Windows 2003. The Service Packs (SP) for Windows 2003 (http://www.microsoft.com/downloads/details.aspx?familyid=08FEC2F5-6E3B-4E0D-9314-646414D0A421&displaylang=en) will apply to a Windows XP x64 system. The latest SP for Windows 2003 or Windows XP x64 is SP2, where the latest SP for Windows XP x86 is SP3"

You can argue about this as much as you like, and in fact, a similar argument could be made for Windows 7 and Server 2008 R2 as they are built on similar code bases. The bottom line here is that there are forums that are intended for Windows Client support and forums for Windows Server support. This one happens to be for the latter and if you persist on posting Windows Client questions here, not only won't they get answered but the forum moderators will wind up moving them to the correct forum.