Re: NetworkService and LocalService accounts

Ah much better info thank you, Wes. I didn't know about the regkey that had
the SIDs/profile path, I'll be filing that one away.

I did end up getting it but I went another way..
I used xcacls.vbs to query a 'clean' machine to get that the whole account
name was "nt authority\network service"

then used xcacls.vbs to replace the permissions on one of the machines:

xcalcs "\\PC1\c$\documents and settings\networkservice" /P "NT
Authority\Network Service":F
xcalcs "\\PC1\c$\documents and settings\localservice" /P "NT Authority\Local
Service":F

I then connected to the admin share and added back on the local admin and
system accounts, took ownership and reset perms on the folders.

Thank you again for the info Wes, I'll mix and match the rest to get
proficient.

Les Bowman

"Wesley Vogel" <123WVogel955@xxxxxxxxxxx> wrote in message
news:%233bFzmOCHHA.3540@xxxxxxxxxxxxxxxxxxxxxxx
Are their SIDs consistent so if I go to a working machine and derive its
SID I can use that to add it to the others?

Should be...

SID: S-1-5-19
Name: NT Authority
Description: Local Service

SID: S-1-5-20
Name: NT Authority
Description: Network Service

This key lists all of the SIDs.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\
CurrentVersion\ProfileList

To tell which user has which SID, click on each SID, look at
ProfileImagePath, the Data has the user name at the end of the path. I.e.
%SystemDrive%\Documents and Settings\Wesley P. Vogel

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\
CurrentVersion\ProfileList\S-1-5-19
%SystemDrive%\Documents and Settings\LocalService

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\
CurrentVersion\ProfileList\S-1-5-20
%SystemDrive%\Documents and Settings\NetworkService

--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In news:OkpBWcOCHHA.5068@xxxxxxxxxxxxxxxxxxxx,
Les <les@xxxxxxxxxx> hunted and pecked:
I can see the folders for the two profiles but when I go to re-add the
LOCAL SERVICE [ls] or NETWORK SERVICE [ns] (WinXP caps them) accounts
onto the appropriate profile(s) they do not appear in the list, there is
a NETWORK local account but I am guessing that is not the same as NS.

The ACLs on the folder themselves got hosed when the tech the clicked
the
'reset permissions and propogate to subfolders' so EVERYONE got full
control access to every profile directory. Since I can't find the the LS
or NS accounts in the drop down I can't make the ACL match an untouched
machine (Admin, System and LS or NS has FC on the folder).

I guess I need to know how big a deal it is, can I leave 'everyone' on
the
folder and not worry about it? I'd rather set the ACLs back to the way
they were but I'd like not to have to reimage the machines because some
tech went mucking about.

Either way when I have time to get the SID(s) from an untouched box for
the accounts I'll try to use that to add the appropriate account to the
folders and report back on how it went.

Thanks,
Les

"Wesley Vogel" <123WVogel955@xxxxxxxxxxx> wrote in message
news:uiTDsKOCHHA.204@xxxxxxxxxxxxxxxxxxxxxxx
\Documents and Settings\LocalService
and
\Documents and Settings\NetworkService
are Hidden folders.

So is
\Documents and Settings\Default User

HOW TO: Search For Hidden Or System Files In Windows XP
http://support.microsoft.com/kb/302347

To display Hidden files and folders...

Start | Settings | Control Panel | Folder Options | View tab
Check:
Display the contents of system folders
and
Show hidden files and folders
UNCheck:
Hide extensions for known file types
and
Hide protected operating system files (Recommended)
Click Apply | Click OK

When you uncheck: Hide protected operating system files,
you will get this message...

Warning
----------
You have chosen to display protected operating system files (files
labeled System and Hidden) in Windows Explorer.These files are required
to start and run Windows. Deleting or editing them can make your
computer inoperable.Are you sure you want to display these files?
----------

Click YES.

[[Hidden files and folders will appear dimmed to indicate they are not
typical items.]]


--
Hope this helps. Let us know.

Wes
MS-MVP Windows Shell/User

In news:uWdTq$NCHHA.4764@xxxxxxxxxxxxxxxxxxxx,
Les <les@xxxxxxxxxx> hunted and pecked:
I have a situation where one of the helpdesk techs reset permissions
on
the entire Docs&Settings folder on 10 PCs. (thus inheriting from the
C:
drive).

I have fixed all of the profiles and folders except the NetworkService
and LocalService profiles as I can't seem to find these accounts in
the
listing.

Does anyone know of a way to re-add these accounts short of
re-imaging?
Aretheir SIDs consistent so if I go to a working machine and derive
its
SID I can use that to add it to the others?

TIA,
Les Bowman



.

Relevant Pages

  • Re: System Volume Information
    ... I checked "show hidden files and folders" + ... >Uncheck Hide Protected Operating System Files. ...
    (microsoft.public.windowsxp.general)
  • Re: Installed software under my login, but kids accounts also have
    ... the other user accounts. ... Make sure you are able to see all hidden files and extensions (View tab ... Check "Display the contents of system folders". ...
    (microsoft.public.windowsxp.newusers)
  • Re: NetworkService and LocalService accounts
    ... SID I can use that to add it to the others? ... folders and report back on how it went. ... To display Hidden files and folders... ... Hide protected operating system files, ...
    (microsoft.public.windowsxp.configuration_manage)
  • Re: Favourites
    ... Try displaying *Hidden files and folders and then look in your Favorites ... To display Hidden files and folders... ... Hide protected operating system files, ...
    (microsoft.public.windowsxp.basics)
  • Re: Hidden Template Directory - Make Visible How?
    ... > To display Hidden files and folders... ...
    (microsoft.public.windowsxp.general)