Re: Remote system access
From: Lisa L (LisaL_at_discussions.microsoft.com)
Date: 08/24/04
- Next message: Innokentiy Ivanov: "Re: WSAENOBUFS error with 'recv'"
- Previous message: Arkady Frenkel: "Re: How to enable IPv6 in winxp SP2"
- In reply to: Arkady Frenkel: "Re: Remote system access"
- Next in thread: Arkady Frenkel: "Re: Remote system access"
- Reply: Arkady Frenkel: "Re: Remote system access"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 24 Aug 2004 07:21:07 -0700
I'd prefer a MSDN Managed Group newsgroup.
Does running the GetDCName() to a remote machine matter, if run by user that
is logged in interactively or as a service with regards to access and
permissions?
Lisa
"Arkady Frenkel" wrote:
> Maybe post it on microsoft.public.win32.programmer.kernel NG
> Arkady
>
> "Lisa L" <LisaL@discussions.microsoft.com> wrote in message
> news:CAFF3D79-1D65-424A-85B4-05497D791105@microsoft.com...
> > Anyone have any insight?
> > Anyone recomment I ask this question in another group?
> > If so, which one?
> >
> > Lisa
> >
> > "Lisa L" wrote:
> >
> > > I have a process running as SYSTEM as a WNT SErvice (managable in the
> Control
> > > panel services applet).
> > >
> > > That Service at some point does a LogonUser and ImpersonateLoggedOnUser
> to
> > > connect to DC as a specific user with the permissions to do the things
> it
> > > needs to do. We have made it configuration option on whether that
> logonUser
> > > call is done with the LOGON32_LOGON_SERVICE or LOGON32_LOGON_INTERACTIVE
> > > logontype. This presumes that the user specified for the logon as the
> right
> > > to log on as a service, if the SERVICE logon type is selected.
> > >
> > > Anyway, while logged on either as a SERVICE or INTERACTIVELY as user to
> > > another DC, the process does the following call.
> > >
> > > NET_API_STATUS retVal = DsGetDcName(ComputerName, Domain, NULL, NULL,
> > > (DS_RETURN_FLAT_NAME | DS_WRITABLE_REQUIRED), (PDOMAIN_CONTROLLER_INFOW
> > > *)&domain_info);
> > >
> > > The "ComputerName" argument is the name of another system on the
> network.
> > > (Not the DC or the domain that the user was logged onto, no the system
> where
> > > this process is running on a SERVICE. It is some box in the network,
> perhaps
> > > were a client that initated a connection to the SERVICE.
> > >
> > > Does the user that was specified for the LOGON USER call need any
> special
> > > permissions or rights for the DsGetDcName to successfully be executed by
> the
> > > remote system and return to the calling process a Domain Controller
> name?
> > >
> > > Does it make a difference in doing this DsGetDcName call, whether the
> > > LogonUser logs on interactively or as a service?
> > >
> > > Lisa L
>
>
>
- Next message: Innokentiy Ivanov: "Re: WSAENOBUFS error with 'recv'"
- Previous message: Arkady Frenkel: "Re: How to enable IPv6 in winxp SP2"
- In reply to: Arkady Frenkel: "Re: Remote system access"
- Next in thread: Arkady Frenkel: "Re: Remote system access"
- Reply: Arkady Frenkel: "Re: Remote system access"
- Messages sorted by: [ date ] [ thread ]
