Re: What is generating the values for this key?

What OS? I would like to compare that to the default service ACL for the particular OS.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm



michael_moore@xxxxxxxxxxxxxxxxx wrote:
. On the client computer, open the command prompt
2. Type "SC sdshow McAfeeFramework" (without quotes) and hit return

You will see something like this:

D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)

3. If the output is different from the string shown above, type:

SC sdset McAfeeFramework
D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)

in a single line without carriage returns and the hit return.

This will reset the security descriptor of McAfeeFramework service.

If you still see the problem after applying Microsoft patches, then there may be
a problem with the updating mechanism of the operating system. We need to
contact Microsoft about how we can stop the Microsoft patches from changing our
security descriptor.


"Joe Richards [MVP]" wrote:

When I say that the key is written by Windows, it is is written by the backend service API at the request of the process installing the service. CreateService makes an RPC call into a Windows process that is running (services.exe) which does the actual manipulations to the registry after doing some basic verification (like say checking to see if the SC is shutting down, etc).

While it is possible, it is unlikely that the application vendor is working out the SD blob and manually writing that to the registry directly along with the rest of the Service keys. Almost certainly they probably aren't even specifying an SD and just depending on the default that the SC is supplying. While a vendor could do the raw registry write of the blob and install the service completely manually, they would most likely screw it up; especially McAfee.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm



Jeffrey Tan[MSFT] wrote:
Hi Joe,

Based on my knowledge, this registry key is written by the Windows Service Installer, which normally calls CreateService win32 API to add the service configuration information to HKLM/System/CurrentControlSet/Services/service_name registry. Normally, the service software vendor writes the Service Installer himself, so I assumes this registry key is written by the software vendor, not Microsoft.

Anyway, I agree with you that I seldom see any machine running RPC service as NetworkService account, LocalSystem account is much more privilige than NetworkService account, so there maybe some access deny issue in RPC service. I think we still need more information from Michael: what error/symptom does he get in the application.

Thanks.

Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
When responding to posts, please "Reply to Group" via your newsreader so that others may learn and benefit from your issue. ==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

.

Relevant Pages
Loading