Re: Run As/Domain Login Windows XP Home

[Oliver Maurhart <oliver.maurhart () arcs ac at>]

I'm just curious: why do you think, that a browser-process running as a
certain user does have anything to do with an Exchange-Webmail-Domain-User?

I access my company's exchange webmail service also via a browser ... from my
Firefox/Linux ...

Operating System user specify which Operating System resources on the local
machine can be accessed and which may be denied. Among those resources are
certainly files but also hardware devices like ethernet card, printers, USB
stuff etc.

I can't see, how an operating system on the local machine does in any way
relate to some sophisticated user concept encapsulated in arbirtrary HTTP
protocol messages.

Sure, you're current login user could be the same as the user at the exchange
server, but since you are using a browser doing Webmail you are going over
simple HTTP, which - initialy - is a stateless protocol: it doesn't have any
clue about something called "session" or even "user". Those items are built in
by more sophisticated protocols based on top of HTTP (HTTP + SSL = HTTPS), but
if then - derived from an absolute "I don't know a user" basis - you simply
can't grasp a user out of nothing, because the underlaying standard stuff
won't let you.

Well, at least if you're going in a formal standard way, without installing
some fancy "Add-Ons" to your special, favorite Web-Browser to ask the current
underlaying operating system, what the heck the current process user is. But
again: this - as for XP - is usually some closed code in binary format and it
is going for very sensitive operating system details. So you - for yourself -
don't actually know, what this "Add-On" is *really* going to do ...

Is this really what you want?



Oliver


Kenton Smith wrote:
> Why would you want to do this? There are programs that
> will let you run other programs as a particular user,
> however since XP home doesn't allow for domain
> integration I would suspect that you can't do this
> either.
> Does the webmail interface not ask you to login? If
> not, it should, and if so does that not accomplish
> exactly what you are trying to do?
>
> Kenton
>
> --- Sam Munro <sam.munro () gmail com> wrote:
>
> > HI All,
> >
> > I have a scenario for you.
> >
> > None cooperate laptop on a company network not
> > registered on the domain.
> >
> > Problem number one OS is XP home.
> >
> > I want to access company email via web-access from
> > this laptop.
> > Internet access is already possible via the company
> > proxy.
> >
> > I want to run the browser as a user on the domain
> > and then access my
> > mail with the exchange server URL.
> >
> > Is this possible and if so how. Step-by-step
> > instructions would be advantagous.
> >
> > Cheers,
> >
> > Sam
> ---------------------------------------------------------------------------
> > This list is sponsored by: Norwich University
> >
> > EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE -
> > ONLINE
> > The NSA has designated Norwich University a center
> > of Academic Excellence 
> > in Information Security. Our program offers
> > unparalleled Infosec management 
> > education and the case study affords you unmatched
> > consulting experience. 
> > Using interactive e-Learning technology, you can
> > earn this esteemed degree, 
> > without disrupting your career or home life.
> >
> > http://www.msia.norwich.edu/secfocus
> ---------------------------------------------------------------------------
> >
>
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around 
> http://mail.yahoo.com 
>
> ---------------------------------------------------------------------------
> This list is sponsored by: Norwich University
>
> EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
> The NSA has designated Norwich University a center of Academic Excellence 
> in Information Security. Our program offers unparalleled Infosec management 
> education and the case study affords you unmatched consulting experience. 
> Using interactive e-Learning technology, you can earn this esteemed degree, 
> without disrupting your career or home life.
>
> http://www.msia.norwich.edu/secfocus
> ---------------------------------------------------------------------------

-- 
DI Oliver Maurhart
ARC Seibersdorf research GmbH
Quantum Information Security
Quantum Technology
Tech Gate Vienna
Donau-City Strasse 1/3rd floor
1220 Vienna, Austria

Phone: +43 (0) 50550 - 4182
Fax:   +43 (0) 50550 - 4190
eMail: oliver.maurhart () arcs ac at
Web:   http://www.smart-systems.at

RSA2048 Fingerprint: 918C DEBC B216 C8BA 5FC8 6075 B94E 22BD 4CE2 18DD

Attachment: oliver.maurhart.vcf
Description:

Attachment: signature.asc
Description: OpenPGP digital signature