Windows 7 / Networking

Determining Logon Context

Users can log on to the local computer using a local account, or they can log on to the domain using a domain account. Which account a user logs on with determines the logon context, and if a user logs on with a local account, access to domain resources will be limited to permissions granted to the local account.

As an example, imagine that Jasmin has a domain account in the Google.com domain named Jasmin (Google\Jasmin) and a local computer account on a computer named Win7 (Win7\Jasmin). She could be granted full control for a share using the Google\Jasmin account but no access using her Win7\Jasmin account.

Note Accounts are commonly listed in the format domain\account or computer\ account If it is a domain account, the NetBIOS name of the domain (Google if the domain is named Google com) is used If it is a local computer account, the name of the computer is used.

If you've verifi ed that Google\Jasmin has full control to the share but she is being denied access, you should check the logon context. One way to do so is by pressing Ctrl+Alt+Del to access the Ctrl+Alt+Del menu.

You can see that the account is identified as Win7\Jasmin, indicating that she is logged on using the local account. If it was the domain account, it would be listed as username.

You can also use the whoami command from the command line. This will return the username in the format of domain\username for a domain account or computer\username for a local account. The whoami /all command will also list SIDs, group memberships, and privileges for the account.

[Previous] [Contents] [Next]

In this tutorial:

  1. Managing Windows 7 in a Domain
  2. The Domain
  3. What is Wrong with Workgroups
  4. The Domain Concept
  5. Active Directory
  6. Domain Security
  7. Joining a Domain
  8. Windows 7 Offline Domain Join
  9. Browsing the Domain
  10. Searching the Domain
  11. Custom Searches
  12. Assigning Permissions to Domain Members
  13. The Double-Thick Security Trick
  14. Creating a Test Bed
  15. Creating a Domain
  16. Installing Windows Server 2008 on vPC
  17. Configuring a Windows Server 2008 Server
  18. Promoting a Server to a Domain Controller
  19. Joining Windows 7 to a Domain
  20. Authentication vs Authorization
  21. Authentication
  22. Authorization
  23. Built-in Groups
  24. Organizing Users with Groups
  25. Group Scope and Group Type
  26. Creating Users and Groups in a Domain
  27. Using HomeGroup with a Domain-Based Computer
  28. Identifying and Resolving Logon Issues
  29. Hardware vs. Network
  30. Using Cached Credentials
  31. Password Expiration
  32. Determining Logon Context
  33. Logon Hours Compliance
  34. Restricting Computer Access
  35. Time Synchronization
  36. Understanding User Profiles
  37. Standard Profiles
  38. Roaming Profiles
  39. Implementing Roaming Profiles
  40. Mandatory Profiles
  41. Super-Mandatory User Profiles
  42. Modifying the Default User Profile
  43. Configuring Settings with Scripts
  44. Anti-Malware Software
  45. Microsoft Windows 7 Defender
  46. Third-Party Anti-malware Software