Do "Everyone" and "Authenticated Users" include user accounts which are non built-in and without password ?
I found the definition of Windows special permission "Everyone" and "Authenticated Users" are very unclear, especially regarding non built-in user accounts without password.
I failed to find any website discussing on that:
Do "Everyone" and "Authenticated Users" include user accounts which are non built-in and without password ?
Firstly my found references:
- https://social.technet.microsoft.com/Forums/windows/en-US/3816efc7-255f-4f01-a71d-f27be627e439/authenticated-users-vs-everyone
- https://www.varonis.com/blog/the-difference-between-everyone-and-authenticated-users
From above references, I consolidated as (I hope I do not misunderstand...) :
- "Everyone" = "Authenticated Users" + (Guest, IUSR & IWAM accounts) + Anonymous account [starting from Windows XP and Windows Server 2003]
- "Authenticated Users" =
users authenticated with password or guest in local domain
- users authenticated with password or guest in trusted domain
Then in my case,
I have an admin account on my Win 8 Home edition,
which is non built-in (1. not the built-in "Administrator" 2.it is explicitly created when installing OS)
and it is without password (I can logon Windows with this account without typing password)
So my question is:
Does my admin account belong to "Everyone" and/or "Authenticated Users" ?
PS:
even for only 1st reference from MS, there are already some areas unclear:
it tells:
- "Authenticated Users includes any security principal from the local domain, including guest accounts;"
- "Authenticated User does not include Guest, IUSR & the IWAM accounts."
So Authenticated User includes "guest accounts" and does not include "Guest" at same time.
Then I cannot understand this.
Is that "guest accounts" is different from "Guest" ?