I have been posed with the question "What makes the FSAdmin account secure?" by one of my bosses as it pertains to a Bank Audit. From my understanding, the LAN Cache sets up an FSAdmin#### account on all machines using the LAN Cache and then uses Pass Through Authentication. And if the client in question LAN Cache happens to be setup on a Domain Controller, then the FSAdmin account there has Admin rights. This poses a large security risk.
So my question is, is there a way to setup the LAN Cache where it's not using Pass-through Authentication? I know we can use specified credentials instead of the FSAdmin account which should take care of the Admin rights issue, but if every machine assigned to the LAN Cache is using Pass-through authentication then that still poses an issue.