RE: Local security policy Settings

From: Lubrano di Ciccone, Christophe (DEF) (diciccone@ppg.com)
Date: 02/06/02 

From: "Lubrano di Ciccone, Christophe (DEF)" <diciccone@ppg.com>
To: "'ted@intradenver.net'" <ted@intradenver.net>, focus-ms@securityfocus.com
Date: Wed, 6 Feb 2002 10:05:33 -0500

look like SID. this happens when a trust have disappeared, is corrupted or when group or user have been deleted in an another container (domain etc.) with which the box have an implicit trust.
The three rights indicate below look like a service account.

christophe

-----Original Message-----
From: Ted Simmons [mailto:tedsimmons@qwest.net]
Sent: mercredi 6 fevrier 2002 07:12
To: focus-ms@securityfocus.com
Subject: Local security policy Settings

Hi All I need some help/advice.

I was wondering if anyone knew what this was:
Under the local security Policy settings I was seeting up a user and I found these
entries - like they where users:

*S-1-5-21-1275210071-436374069-1708537768-1011
and
*S-1-5-21-1275210071-436374069-1708537768-1007
and
*S-1-5-21-1275210071-436374069-1708537768-1002
and
*S-1-5-21-1275210071-436374069-1708537768-1001
and
*S-1-5-21-1275210071-436374069-1708537768-1006
and
*S-1-5-21-1275210071-436374069-1708537768-1010

listed in with the users - but not on the local users of the system....
I turned off their permissions - and everything is still working as far as I can tell.
I found them under the following policies:
--access this computer from a network
--logon as batch job
--log on locally

--- is this some new fix to microsoft's stuff??? I have not seen it on any of my other
Windows 2000 machines - could it be a trojan?

please help

--------> Ted

============================================================
Ted Simmons
(303)995-9858 Cell
(303)914-8556 Home
ted@intradenver.net
=============================================================

 

Relevant Pages

  • Re: Debugger not working in Vs.net 2003
    ... ASPNET user account) is not assigned the "Impersonate a client after ... after authentication" user right in the Local Security Policy settings. ...
    (microsoft.public.vsnet.debugging)
  • Re: Repetitive XML comments -- whats the point?
    ... Well I trust comments. ... class maintains internal state that is invalid at the time of the call. ... In the absence of any documentation at all, I try to make no such ... contained in the container, and you need to know what happens in such a ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Accessing Local Security Policy Programatically
    ... example the User Rights. ... I am NOT finding a way to access Local Security Policy settings ... The Local Security Policy setting which I'm trying to access is: ...
    (microsoft.public.windows.server.security)
  • Accessing Local Security Policy Programatically
    ... I am NOT finding a way to access Local Security Policy settings ... The Local Security Policy setting which I'm trying to access is: ... Does anybody have an idea about accessing this settting ...
    (microsoft.public.windows.server.security)
  • Local security policy Settings
    ... Under the local security Policy settings I was seeting up a user and I found these ... entries - like they where users: ...
    (Focus-Microsoft)
Loading