Re: Remote system access

From: Arkady Frenkel (arkadyf_at_hotmailxdotx.com)
Date: 08/24/04 

Date: Tue, 24 Aug 2004 16:29:02 +0300

Maybe post it on microsoft.public.win32.programmer.kernel NG
Arkady

"Lisa L" <LisaL@discussions.microsoft.com> wrote in message
news:CAFF3D79-1D65-424A-85B4-05497D791105@microsoft.com...
> Anyone have any insight?
> Anyone recomment I ask this question in another group?
> If so, which one?
>
> Lisa
>
> "Lisa L" wrote:
>
> > I have a process running as SYSTEM as a WNT SErvice (managable in the
Control
> > panel services applet).
> >
> > That Service at some point does a LogonUser and ImpersonateLoggedOnUser
to
> > connect to DC as a specific user with the permissions to do the things
it
> > needs to do. We have made it configuration option on whether that
logonUser
> > call is done with the LOGON32_LOGON_SERVICE or LOGON32_LOGON_INTERACTIVE
> > logontype. This presumes that the user specified for the logon as the
right
> > to log on as a service, if the SERVICE logon type is selected.
> >
> > Anyway, while logged on either as a SERVICE or INTERACTIVELY as user to
> > another DC, the process does the following call.
> >
> > NET_API_STATUS retVal = DsGetDcName(ComputerName, Domain, NULL, NULL,
> > (DS_RETURN_FLAT_NAME | DS_WRITABLE_REQUIRED), (PDOMAIN_CONTROLLER_INFOW
> > *)&domain_info);
> >
> > The "ComputerName" argument is the name of another system on the
network.
> > (Not the DC or the domain that the user was logged onto, no the system
where
> > this process is running on a SERVICE. It is some box in the network,
perhaps
> > were a client that initated a connection to the SERVICE.
> >
> > Does the user that was specified for the LOGON USER call need any
special
> > permissions or rights for the DsGetDcName to successfully be executed by
the
> > remote system and return to the calling process a Domain Controller
name?
> >
> > Does it make a difference in doing this DsGetDcName call, whether the
> > LogonUser logs on interactively or as a service?
> >
> > Lisa L

Relevant Pages

  • RE: Remote system access
    ... "Lisa L" wrote: ... We have made it configuration option on whether that logonUser ... This presumes that the user specified for the logon as the right ... > permissions or rights for the DsGetDcName to successfully be executed by the ...
    (microsoft.public.win32.programmer.networks)
  • Re: Logon Server Unavailable
    ... There are currently no logon servers available to service ... You use a office laptop to connect the office VPN, when you map a network ... you may receive this message: "This account is the ... The server is not configured for transactions"> "A domain controller for your domain could not be contacted" ...
    (microsoft.public.windows.server.general)
  • Re: Logon Server Unavailable
    ... There are currently no logon servers available to service ... You use a office laptop to connect the office VPN, when you map a network ... you may receive this message: "This account is the ... The server is not configured for transactions"> "A domain controller for your domain could not be contacted" ...
    (microsoft.public.windows.server.dns)
  • Re: Logon Server Unavailable
    ... There are currently no logon servers available to service ... You use a office laptop to connect the office VPN, when you map a network ... you may receive this message: "This account is the ... The server is not configured for transactions"> "A domain controller for your domain could not be contacted" ...
    (microsoft.public.windows.server.networking)
  • Re: Logon Server Unavailable
    ... The server is not configured for transactions" ... "Access Denied" Message When Opening from or Saving to a Network Folder ... Logon unsuccessful: The user name you typed is the same as the user name you ... "An error occurred while renewing interface local area connection" While ...
    (microsoft.public.windows.server.networking)