Re: What is generating the values for this key?
- From: michael_moore@xxxxxxxxxxxxxxxxx <michael_moore@xxxxxxxxxxxxxxxxx>
- Date: Thu, 22 Jun 2006 11:06:02 -0700
.. On the client computer, open the command prompt
2. Type "SC sdshow McAfeeFramework" (without quotes) and hit return
You will see something like this:
3. If the output is different from the string shown above, type:
SC sdset McAfeeFramework
in a single line without carriage returns and the hit return.
This will reset the security descriptor of McAfeeFramework service.
If you still see the problem after applying Microsoft patches, then there
a problem with the updating mechanism of the operating system. We need to
contact Microsoft about how we can stop the Microsoft patches from changing
"Joe Richards [MVP]" wrote:
When I say that the key is written by Windows, it is is written by the.
backend service API at the request of the process installing the
service. CreateService makes an RPC call into a Windows process that is
running (services.exe) which does the actual manipulations to the
registry after doing some basic verification (like say checking to see
if the SC is shutting down, etc).
While it is possible, it is unlikely that the application vendor is
working out the SD blob and manually writing that to the registry
directly along with the rest of the Service keys. Almost certainly they
probably aren't even specifying an SD and just depending on the default
that the SC is supplying. While a vendor could do the raw registry write
of the blob and install the service completely manually, they would most
likely screw it up; especially McAfee.
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
---O'Reilly Active Directory Third Edition now available---
Jeffrey Tan[MSFT] wrote:
Based on my knowledge, this registry key is written by the Windows Service
Installer, which normally calls CreateService win32 API to add the service
configuration information to
HKLM/System/CurrentControlSet/Services/service_name registry. Normally, the
service software vendor writes the Service Installer himself, so I assumes
this registry key is written by the software vendor, not Microsoft.
Anyway, I agree with you that I seldom see any machine running RPC service
as NetworkService account, LocalSystem account is much more privilige than
NetworkService account, so there maybe some access deny issue in RPC
service. I think we still need more information from Michael: what
error/symptom does he get in the application.
Microsoft Online Community Support
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
This posting is provided "AS IS" with no warranties, and confers no rights.