Re: A question about windows service access netdriver privilege

From: robin (buptrobin_at_21cn.com)
Date: 09/02/04

• Next message: The Truth: "Property Page"
• Previous message: William DePalo [MVP VC++]: "Re: SetCapture"
• In reply to: Ivan Brugiolo [MSFT]: "Re: A question about windows service access netdriver privilege"
• Next in thread: Ivan Brugiolo [MSFT]: "Re: A question about windows service access netdriver privilege"
• Reply: Ivan Brugiolo [MSFT]: "Re: A question about windows service access netdriver privilege"
• Messages sorted by: [ date ] [ thread ]

---

Date: Thu, 2 Sep 2004 10:10:20 +0800

oh, I follow the steps:
1.logon as a domain user
2.in the command prompt, c:\>at.exe <now + 1 minute> /interactive cmd.exe
3.when the time come, a new command prompt windown appear
  c:\>dir \\RemoteMachineName\ShareName
  it shows: Access is denied.
  But I have grant the share to everyone
4.c:\>whoami
  nt authority\system
5.in the remote event viewer, only has a application event, says, windows
cannot determine "NT AUTHORITY\SYSTEM" user.

.......

some step wrong?

"Ivan Brugiolo [MSFT]" <ivanbrug@online.microsoft.com> wrote in message
news:OhDlObEkEHA.140@TK2MSFTNGP12.phx.gbl...
> Do this to verify this behavior
> open a LocalSystem command prompt with the at.exe trick:
> c:\>at.exe <now + 1 minute> /interactive cmd.exe
> from the new command prompt
> LocalSystem|C:\>dir \\RemoteMachineName\ShareName
> Go to the remote machine, open the event log, and check for logon events.
>
> --
> This posting is provided "AS IS" with no warranties, and confers no
rights.
> Use of any included script samples are subject to the terms specified at
> http://www.microsoft.com/info/cpyright.htm
>
>
> "robin" <buptrobin@21cn.com> wrote in message
> news:O2tpFQAkEHA.1348@TK2MSFTNGP15.phx.gbl...
> > I can enable auditing the logon-event, but do not see the logon event
for
> > the machin account.
> > Are you sure the service of win2003 can access the mapped netdriver as
> local
> > system account?
> >
> >
> > "Ivan Brugiolo [MSFT]" <ivanbrug@online.microsoft.com> wrote in message
> > news:eZ9$bh3jEHA.3456@TK2MSFTNGP12.phx.gbl...
> > > Can you enable auditing for logon-events at the remote machine
> > > (the one hosting the netwok shares) and see if you have
> > > a logon event for the machine account ?
> > > As long as you are not trying to access the mapping of a network share
> > > created by a different logon session, it should just work.
> > >
> > > --
> > > This posting is provided "AS IS" with no warranties, and confers no
> > rights.
> > > Use of any included script samples are subject to the terms specified
at
> > > http://www.microsoft.com/info/cpyright.htm
> > >
> > Trying to boot Tuxedo 8.1 with Tuxdir on windows 2003 local C drive -
with
> > appdir on Windows 2000 as a network drive.
> > Trying to boot Tuxedo 8.1 with Tuxdir on windows 2003 local C drive -
with
> > appdir on Windows 2000 as a network drive.
> > Trying to boot Tuxedo 8.1 with Tuxdir on windows 2003 local C drive -
with
> > appdir on Windows 2000 as a network drive.
> > Trying to boot Tuxedo 8.1 with Tuxdir on windows 2003 local C drive -
with
> > appdir on Windows 2000 as a network drive.
> > Trying to boot Tuxedo 8.1 with Tuxdir on windows 2003 local C drive -
with
> > appdir on Windows 2000 as a network drive.
> > Trying to boot Tuxedo 8.1 with Tuxdir on windows 2003 local C drive -
with
> > appdir on Windows 2000 as a network drive.
> > Trying to boot Tuxedo 8.1 with Tuxdir on windows 2003 local C drive -
with
> > appdir on Windows 2000 as a network drive.
> > Trying to boot Tuxedo 8.1 with Tuxdir on windows 2003 local C drive -
with
> > appdir on Windows 2000 as a network drive.
> > >
> > > "robin" <buptrobin@21cn.com> wrote in message
> > > news:Ow$O4f0jEHA.1344@TK2MSFTNGP11.phx.gbl...
> > > > But when I set the service to Local System account, and the share
> gives
> > > > privilege to the DomainName\MachineName$, the service can not see
the
> > > mapped
> > > > network share.
> > > > Is there a solution, do not need to change the program code, just
> config
> >
> >
>
>

---

• Next message: The Truth: "Property Page"
• Previous message: William DePalo [MVP VC++]: "Re: SetCapture"
• In reply to: Ivan Brugiolo [MSFT]: "Re: A question about windows service access netdriver privilege"
• Next in thread: Ivan Brugiolo [MSFT]: "Re: A question about windows service access netdriver privilege"
• Reply: Ivan Brugiolo [MSFT]: "Re: A question about windows service access netdriver privilege"
• Messages sorted by: [ date ] [ thread ]

---

Relevant Pages Re: List of Users for a folder ... it work in command prompt but not inside asp. ... I had use domain user for anonymous access but same result happened. ... > Cacls will work with a UNC path. ... > Microsoft MVP Scripting ... (microsoft.public.inetsdk.programming.scripting.vbscript) Re: NT4 share question. ... It takes about 2 seconds to open a command prompt, ... > permissions (Domain user) has been able to find out what the admin shares ... (microsoft.public.security) Re: Problem adding domain user to local admin group? ... My problem is adding a domain user to a local group. ... window under the locations "From this location:" the jecabs.local domain ... Open a Command Prompt. ... (microsoft.public.windowsxp.general) tasklist error ... When I starting tasklist from command prompt I am getting Error: ... I am as domain user with local administrator right. ... Marcus ... (microsoft.public.windows.server.general)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(16)