![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(131.20000000000002, 87%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERL%3C/text%3E%3C/svg%3E)
Hi Richard,
This setting would force the use of domain accounts in a local admin group when accessing a computer's C$ share or remotely opening the Computer Management console.
Yes, I would expect only domain accounts in the local administrators would be able to access the admin shares (C$, D$, etc), as for the remote management you would need to verify this as there might be cases where 'Deny access to this computer from the network' might not apply.
Are network logins in these examples cached similar to how local logins are?
I'm not completely sure about the context of your question. Credentials are cache on the client machine rather than the server. When a user connects to a share, they present their credentials to the server as part of the authentication process. Normally, if there is an open connection or session to the server, then the credentials will not be required again, until all sessions are closed or the server is rebooted.
Gary.