Error in Security Configuration Manager
From: Sergey V. Gordeychik (gordey_at_INFOSEC.RU)
Date: Mon, 26 Jan 2004 10:19:24 +0300 To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
It's not security bug by it self, but can cause errors in system
Quote from Q214752
" The Security Configuration Manager (SCM) set of tools allows security
administrators to define security templates that can be applied to
individual machines or any number of machines via group policy. Security
templates can contain password policies, lockout policies, kerberos
policies, audit policies, event log settings, registry values, service
startup modes, service permissions, user rights, group membership
restrictions, registry permissions and file system permissions. "
The scope of parameters can be extended by modify
%systemroot%\sceregvl.inf file (
But sceregvl.inf parser make no difference between "\" and "/" symbols.
If registry value name include "/" symbol it'll interpreted as a key
name and value name, segregated by "/".
So, when you add to sceregvl.inf file parameter like
SCM will create key
instead of key
Use administrative templates (.adm files) instead.
And as usual - sorry for my English.
NTBugtraq Editor's Note:
I'm looking for an event at which I can speak in Australia, specifically near Brisbase, as close to Christmas as possible. Anyone interested in flying me down under at that time, please contact me at Russ.Cooper@rc.on.ca