Re: What is generating the values for this key?



.. On the client computer, open the command prompt
2. Type "SC sdshow McAfeeFramework" (without quotes) and hit return

You will see something like this:

D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)

3. If the output is different from the string shown above, type:

SC sdset McAfeeFramework
D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;PU)

in a single line without carriage returns and the hit return.

This will reset the security descriptor of McAfeeFramework service.

If you still see the problem after applying Microsoft patches, then there
may be
a problem with the updating mechanism of the operating system. We need to
contact Microsoft about how we can stop the Microsoft patches from changing
our
security descriptor.


"Joe Richards [MVP]" wrote:

When I say that the key is written by Windows, it is is written by the
backend service API at the request of the process installing the
service. CreateService makes an RPC call into a Windows process that is
running (services.exe) which does the actual manipulations to the
registry after doing some basic verification (like say checking to see
if the SC is shutting down, etc).

While it is possible, it is unlikely that the application vendor is
working out the SD blob and manually writing that to the registry
directly along with the rest of the Service keys. Almost certainly they
probably aren't even specifying an SD and just depending on the default
that the SC is supplying. While a vendor could do the raw registry write
of the blob and install the service completely manually, they would most
likely screw it up; especially McAfee.

joe

--
Joe Richards Microsoft MVP Windows Server Directory Services
Author of O'Reilly Active Directory Third Edition
www.joeware.net


---O'Reilly Active Directory Third Edition now available---

http://www.joeware.net/win/ad3e.htm



Jeffrey Tan[MSFT] wrote:
Hi Joe,

Based on my knowledge, this registry key is written by the Windows Service
Installer, which normally calls CreateService win32 API to add the service
configuration information to
HKLM/System/CurrentControlSet/Services/service_name registry. Normally, the
service software vendor writes the Service Installer himself, so I assumes
this registry key is written by the software vendor, not Microsoft.

Anyway, I agree with you that I seldom see any machine running RPC service
as NetworkService account, LocalSystem account is much more privilige than
NetworkService account, so there maybe some access deny issue in RPC
service. I think we still need more information from Michael: what
error/symptom does he get in the application.

Thanks.

Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.


.



Relevant Pages

  • RE: browes problem
    ... Important This article contains information about modifying the registry. ... 256986 Description of the Microsoft Windows Registry ... Your Internet Explorer home page has been changed to a different Web site ...
    (microsoft.public.windows.inetexplorer.ie6.browser)
  • RE: Error 1402
    ... >Microsoft Corporation ... >>This is a permissions issue that must be fixed through ... >>the Windows operating system. ... >>Do not use the registry key given in the Microsoft ...
    (microsoft.public.windowsxp.security_admin)
  • error 1406 with Norton
    ... >the Windows operating system. ... >Microsoft document drticle number Q236592, ... >Messages Starting Office Program, or Program Immediately ... >Do not use the registry key given in the Microsoft ...
    (microsoft.public.windowsxp.security_admin)
  • RE: Error 1406
    ... please post the screen capture of the error message: ... >the Windows operating system. ... >Microsoft document drticle number Q236592, ... >Do not use the registry key given in the Microsoft ...
    (microsoft.public.windowsxp.security_admin)
  • RE: FPSE on 2003 SP1
    ... This issue occurs if you install Microsoft ... IIS6 and 2002 extensions that shipped with 2003 server after the application ... In Registry Editor, locate and then click the following registry key: ... Quit Registry Editor, ...
    (microsoft.public.frontpage.extensions.windowsnt)