r4wd3r / RID-Hijacking

Windows RID Hijacking persistence technique

what happens if I change the user's RID to 512? #1

Closed Anton19780301 closed 4 years ago

Anton19780301 commented 4 years ago

Goodnight. Just a question - what happens if I change the user's RID to 512? Will I become a domain administrator? But what if...

r4wd3r commented 4 years ago

Hey Anton! Thanks for reaching out and sorry for the delay.

That wouldn't work since the modified RID belongs to the SID of the local machine (and specifically belongs to the security principal associated with the local user). You might have the 512 relative identifier assigned, but the literal prefix, identifier authority and three sub authorities would be different.

Nice idea! But it doesn't work :)

Feel free to ask anything you want to know about this!
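An added illustration of the answer above (not part of the thread or of the RID-Hijacking project): a small decoder for the binary SID layout, showing that a local account SID ending in 512 and a domain's Domain Admins SID share a RID but not an issuer. All SID values and helper names below are constructed for the example.

```python
import struct

def pack_sid(sid: str) -> bytes:
    """Encode a string SID: revision, count, 6-byte BE authority, LE sub-authorities."""
    parts = sid.split("-")
    if parts[0] != "S" or len(parts) < 3:
        raise ValueError("not a SID string")
    revision, authority = int(parts[1]), int(parts[2])
    subs = [int(p) for p in parts[3:]]
    return (bytes([revision, len(subs)])
            + authority.to_bytes(6, "big")
            + struct.pack(f"<{len(subs)}I", *subs))

def parse_sid(raw: bytes) -> str:
    """Decode a binary SID into its S-R-I-S... string form, checking its length."""
    if len(raw) < 8:
        raise ValueError("SID too short")
    revision, count = raw[0], raw[1]
    if len(raw) != 8 + 4 * count:
        raise ValueError("length does not match sub-authority count")
    authority = int.from_bytes(raw[2:8], "big")
    subs = struct.unpack(f"<{count}I", raw[8:])
    return "-".join(["S", str(revision), str(authority), *map(str, subs)])

def split_sid(sid: str):
    """Return (issuer part, RID): everything before the last sub-authority, and it."""
    issuer, _, rid = sid.rpartition("-")
    return issuer, int(rid)

def compare(a: str, b: str) -> dict:
    """Report which parts of two SIDs match; access checks compare the full SID."""
    (ia, ra), (ib, rb) = split_sid(a), split_sid(b)
    return {"same_rid": ra == rb, "same_issuer": ia == ib, "same_sid": a == b}

# Constructed sample values: a local account whose RID was set to 512,
# and the Domain Admins group of a constructed domain.
LOCAL_512 = "S-1-5-21-1111111111-2222222222-3333333333-512"
DOMAIN_ADMINS = "S-1-5-21-1234567890-2345678901-3456789012-512"

if __name__ == "__main__":
    for label, sid in (("local", LOCAL_512), ("domain", DOMAIN_ADMINS)):
        raw = pack_sid(sid)
        print(label, raw.hex(), "->", parse_sid(raw), split_sid(sid))
    print(compare(LOCAL_512, DOMAIN_ADMINS))
```

The comparison reports a matching RID but a different issuer and a different full SID, so the two values name different security principals.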