Versions Compared

Old Version 6

changes.mady.by.user David Doret

Saved on

compared with

New Version Current

changes.mady.by.user David Doret

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Excerpt

Context

IAM

Title

Microsoft's Typology of Windows Local Accounts

Version

1.0

Status
colourYellow
titleDraft

Summary

Microsoft provides a partial typology of Windows Local Accounts. This typology is presented here.

See Also

TODO

  •  Complete the section on the System vs Non-System dimension
  •  Propose a robust definition of Default / Built-in
  •  Propose a robust definition of System
  •  Start a similar article covering Linux

In Microsoft, 2019(1), Microsoft proposes a bi-dimensional partial typology of Windows Local Accounts in Microsoft, 2019(1) . A number of empirical entities are typed, which gives us the following table:

Default Local System Non-Default Local User Account

Default

Non-Default

System

X

Non-System

Default Local User Account

  • Local User Account
    e.g.: “John Dow”

Empirical Entities in the Microsoft’s Partial Typology of Windows Local Accounts

The attentive reader will observe the absence of a description for the Non-Default Local System Account. But before getting into that, the first step in analyzing this partial typology is to define its dimensions.

Default vs. Non-Default

Default vs Non-Default: , which is why the typology is partial.

From that table, the following typology is inferred, where cells represent Windows Local Account types:

Default

Non-Default

System

Default Local System Account

X

Non-System

Default Local User Account

Non-Default Local User Account

Microsoft’s Partial Typology of Windows Local Accounts

The Default vs. Non-Default Dimension

Per Microsoft, 2019(1), default accounts are built-in accounts created automatically when the OS is installed. Conversely, non-default accounts are non-built-in accounts created after OS installation.

...

  • when an account that is an integral part of the OS is deployed by Microsoft after OS installation as part of an upgrade,

  • when an account that is an integral part of the OS is deployed as part of the installation of a complementary Windows Component after OS installation,

  • when an account that is an integral part of the OS is deployed by a third party (e.g.: a device driver, that is defined as a trusted part of the OS that can execute within it with System account credentials, Russinovich et al., 2017),

  • when a custom account is created as part of a custom script during OS installation.

  •  Propose here a more precise definition of default that allows the arbitrage of the given counterexamples.

Nevertheless, arbitrages can be made to classify accounts in these grey areas. In consequence, for operational purposes, we may state that the default vs non-default dimension satisfies in general the properties of exhaustivity and mutual exclusivity. That is to say, a Windows Local Account is either an integral part of the OS or it doesn’t and the default vs non-default dimension may be considered an unidimensional typology (cf. Bailey, 1994, p.3).

The System vs. Non-System Dimension

  •  Complete this section.

System vs Non-System: System Per Microsoft, 2019(1), System accounts are used by the OS and its services.

To privilege concision and readability, definitions are provided via dictionary entries under the References column.

...

Empirical Entity

...

Of Identity Class?

...

Comments

...

References

...

Windows DefaultAccount Account

...

???

...

  • Parent Type: Windows Default Local User Account.

  • This object if of particular interest for classification purposes because it is defined as multi-user or user-agnostic.

...

Windows DefaultAccount Account (Dictionary Entry)

...

Windows Default Local System Account

...

Yes

...

  • Parent Type: Windows Local Account

  • Childrent Types: Windows LOCAL SERVICE Account, Windows NETWORK SERVICE Account, Windows SYSTEM Account

...

Windows Default Local System Account (Dictionary Entry)

...

Windows Default Local User Account

...

Yes

...

  • Parent Type: Windows Local Account

  • Childrent Types: Windows Administrator Account, Windows Guest Account, Windows HelpAssistant Account, Windows DefaultAccount Account

...

Windows Default Local User Account (Dictionary Entry)

...

Windows Guest Account

...

Yes

...

  • Parent Type: Windows Default Local User Account.

...

Windows Guest Account (Dictionary Entry)

...

Windows HelpAssistant Account

...

Yes

...

  • Parent Type: Windows Default Local User Account.

...

Windows HelpAssistant Account (Dictionary Entry)

...

Windows Local Account

...

Yes

...

  • Children Types: Windows Default Local System Account, Windows Default Local User Account, Windows Local User Account

...

Windows Local Administrator Account

...

Yes

...

  • Parent Type: Windows Default Local User Account.

...

Windows Local Administrator Account (Dictionary Entry)

...

Windows LOCAL SERVICE Account

...

Yes

...

  • Parent Type: Windows Default Local System Account

...

Windows LOCAL SERVICE Account (Dictionary Entry)

...

Windows Local User Account

...

Yes

...

  • Parent Type: Windows Local Account

...

Windows (Non-Default) Local User Account (Dictionary Entry)

...

Windows NETWORK SERVICE Account

...

Yes

...

  • Parent Type: Windows Default Local System Account

...

Windows NETWORK SERVICE Account (Dictionary Entry)

...

Windows SYSTEM Account

...

Yes

...

  • Parent Type: Windows Default Local System Account

...

A Revised Typology

  •  Check correlation of given types
  •  Check consistency between definitions and the hierarchical classification of accounts proposed by MS