RE: adding new service to system services list
From: Jannie Hanekom (j_hanekom_at_hotmail.com)
Date: 06/23/03
- Previous message: Joseph Kim - HQ: "RE: Managing Windows Event Logs"
- Maybe in reply to: Dincer ONEL: "adding new service to system services list"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: <focus-ms@securityfocus.com> Date: Mon, 23 Jun 2003 16:55:23 +0100
There are two ways of doing this. The first is to install the Active
Directory administration tools onto a workstation which already has the 3rd
party service on. This is by far the 'cleanest' way of going about things -
simply run adminpak.msi from the W2K CD.
If you're happy to do some (potentially hazardous) text file editing, you
can locate the template file with the definitions by obtaining the
properties of the group policy, noting the GUID (something like
{31B2F340...984F9}), then browsing to
<\\MYDOMAIN\SYSVOL\MYDOMAIN\Policies\{31B2F340...984F9}\Machine\Microsoft\Wi
ndows NT\SecEdit> and opening GptTmpl.inf.
This file has a section called [Service General Setting]. If it doesn't
exist, add it. You can add entries to this section to add definitions for
services. Add an entry that looks like the following:
---------8<------------------8<------------------8<---------
[Service General Setting]
MyServiceName,4,"D:(A;OICI;GA;;;WD)"
---------8<------------------8<------------------8<---------
Substitute the first value for your service's name. The second value, 4,
denotes that the service should be disabled. The third portion,
"D:(A;OICI;GA;;;WD)" is the permission associated with the service. The
value given is the default OS value, and gives Everyone full control over
the service. (I presume this means that anyone can stop or start the
service.)
After you've saved the file, you can open the Group Policy and modify the
security (or startup) settings if you so wish. Note that you'll have to
open and edit the policy (even if it's changing something and then changing
it back) before it will increment the version number for the policy, which
is a requirement for it to be replicated and re-applied.
Jannie
-----Original Message-----
From: Dincer ONEL [mailto:onel@uekae.tubitak.gov.tr]
Sent: 23 June 2003 12:07
To: focus-ms@securityfocus.com
Subject: adding new service to system services list
A third party program's service is running only on my workstations around
the organization. This service is not running on my DC. But I need to stop
this service on all workstations. So I thought I can handle this thru group
policy. When I opened the following in the GPO
computer configuration> windows settings>security
settings>system services
I couldn't see that service in the system services list. Is anyone have any
idea about how can I add that service name to the system services list?
p.s. after installing the same program to DC, that service
name appeared in the system services list. But I think I shouldn't have to
install the program to DC just only see its name in the list. An alternative
method must definetely exist.
Dincer ONEL
Network Security Researcher
TUBITAK-UEKAE
P.K.74 41470 Gebze
Kocaeli TURKEY
Tel:+90-262-6481398
Fax:+90-262-6481100
-----------------------------------------------------------------------------
------------------------------------------------------------------------------
- Previous message: Joseph Kim - HQ: "RE: Managing Windows Event Logs"
- Maybe in reply to: Dincer ONEL: "adding new service to system services list"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
