Referring to the network login of Windows system, generally we first think of 3389 login, which is to log in to the target machine through the terminal connection server. However, you may not be very clear. Most of the network logins between Windows systems are actually made through port 139. This is stipulated by the SMB/CIFS protocol. The client establishes a connection through 139, sends the username and password to the server, and the server listens on port 139. After receiving the request from the client, it checks the received username and password. If the error occurs. , then refuse to connect, if correct, give the client the appropriate permissions, this is the most basic network login process for Windows.
The above statement may be very abstract, in essence, this login process we can visually regard it as the target machine to establish an IPC connection. The net use command you execute establishes an IPC connection with the machine, and the request is made through 139. If the user used in your net command is the Administrators group, the target machine will give you the IPC connection Administrators permission after the establishment is successful. Guest permissions, of course, if you are using a null connection, the permissions you get are trivial.
Little knowledge about IPC: IPC is an abbreviation of Internet Process Connection, which is a remote network connection. It is a feature unique to Windows NT/2000/XP that establishes a communication connection between two computer processes. Then, some network communication program communication can be established on the IPC. For example, the IPC connection is like a tunnel, and then we use the program to access the remote host through the tunnel. By default, IPC is shared, which means that Microsoft has dug this tunnel (IPC) for us. What are the conditions for establishing an IPC connection? First of all, your own system should be WinNT or above, Windows 98 can't, because Win98 network management has few functions in this aspect, Windows 98 has no IPC, IPC is only available for Windows NT and Windows 2K/XP/2003.
OK, understand the IPC connection, we go one step further, in fact, IPC is also a shared resource, but it is special, when we use net use to establish IPC connection, it is plain, it is to use our mastery The username and password apply for the IPC shared resource of the other party. Similarly, when we use the net use command to map the other disk, we also use the username and password we have to apply for the other disk sharing resources. Therefore, the net use command, regardless of whether you apply for IPC resources or disk resources, will log in through the 139 port first, and then proceed.
The network login process is basically the same, we continue to deepen, look at the permissions obtained by the network login. First of all, to talk about this, the handling of Windows 2000 system and Windows XP system is different.
Let's look at Windows 2000 first. Windws 2000 system is more realistic (hehe, how do you say this?), Windows 2000 system is completely based on the user name and password you provide to log in, that is, you log in with the super user (that is, establish a connection), then you You can get the super user's connection permission. You log in with the Guest, you get the connection permission of the Guest, and if you use the empty connection, the permissions you get are as in the above, insignificant.
Look at Windows XP again, this is different from the Windows 2k system. The default Windows XP system does not give login privileges based on the username and password you provide. This can be found in the help of Windows XP system, as shown in the figure (pictured). Windows XP Network Logon There are two modes available: "classic" and "Guest only", a detailed explanation is as follows:
if the login mode is set to "typical" user during use is to provide customers with Sign Log in. After logging in successfully, you have the rights of this user. If it is set to "guest only", no matter what user is logged in during the login process, if the login is successful, it will be automatically mapped to the "guest" account, that is, only the privileges of the guest user. Simply put, the Windows XP network login is obtained. The permissions depend on the system settings. If it is "typical", then you can get the corresponding permissions of the users you own. If you have a superuser, the permissions obtained are superuser privileges, and if it is "guest only", then No matter what user rights you use, even if you are a superuser, you can only get Guest permissions after establishing a connection. Unfortunately, the default setting for Windows XP is "Guest only."
The problem of network login permissions is clear. Let's expand it. When we ask for the resources of the target machine, what permissions are required? IPC$ is very simple, in the target system default setting, regardless of the Guest user. The administrator user, even NULL, can log in, but the disk resources are different. By default, only the users of the Administrators group can log in, that is, only the superuser rights can be mapped to the disk.
Now that the network login has been told, let's take a look at a specific question. The following is a post posted by a friend on the forum: In the LAN, the other party uses XP, and opens the port 139. I use the other machine. The super user IPC connection (the password and the username are definitely correct), the prompt is successful, I want to use the net use z:\\ip\\d$ command to map the other party's D drive, but always prompt the user name and password are incorrect, even if I Enter the correct username and password, or not. That is why ah? ?
With the basics I introduced earlier, we can now answer this question completely. The other party is Windows XP. With the correct superuser password, using this password to establish an IPC connection is successful, but the mapping The disk is unsuccessful. The reason is that the Windows XP "guest only" default setting, no matter what password you use to log in, is the Guest privilege, and the mapped disk must be Administrator privilege, so the disk can not be mapped successfully, IPC can The connection is successful because no special permissions are required to establish an IPC connection. Any user password can be NULL.
Let's summarize, by default, Windows 2000 system can get any shared resources of the target as long as you have superuser privileges. Windows XP system is different, because the default setting is "only guests." "So, no matter what user you log in with, even if you have a superuser password, the permissions you get after login are just Guest.
Registry method has the option to disable autoplay of discs Run the registry editor Regedit, expand
First, PConline solution 1. Unplug the network; 2. Re-enter WinXP security mode, Panda The burning
I recently encountered such a thing, in the Windows XP operating system double-click can not open th
2. Move the best features of Vista to Windows XP. 1, Task-Switching à la Flip 3D (task switching 3D
Really understand the mysterious digital signature of SP2
The master and you will understand the situation after the memory damage
God unwittingly replaces Windows XP user passwords
Windows XP Six Tips Latest Application Tips
Convenient way to switch users in Win XP operating system
Why is there less and less space on Vista's C drive? (1)
Automate Windows XP operations to the end
Windows XP SP2 firewall to create the strongest body armor
Not even a trace of difference: XP perfect simulation Vista Raiders (8)
File System Conversion in Windows XP Operating System
Win10 system IE opens the web page display incomplete solution
How Win8 uses RD command to delete files with insufficient permissions
How to do win10 super button does not work out Win10 super button can not come out method
Win8 must-have tools for playing Weibo
How to manually add and delete Windows services (1)
How much traffic will be consumed by playing WeChat
WinXP system desktop icons all disappeared three solutions
Win10 preview version 10532 new version of "mail", please return to Win8 initial function