Re: "Local Security Policy", Is it stored in registry?
From: Peter Clark (clark_at_hushmail.com)
Date: 04/28/03
- Next message: Tim Vieweg: "certs."
- Previous message: Jeff Cochran: "Re: Hard Systems Crash and all passwords apparently deleted"
- In reply to: Colin: "Re: "Local Security Policy", Is it stored in registry?"
- Next in thread: Nick Finco [MSFT]: "Re: "Local Security Policy", Is it stored in registry?"
- Reply: Nick Finco [MSFT]: "Re: "Local Security Policy", Is it stored in registry?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 28 Apr 2003 08:33:25 -0700
there are two ways, possibly three.
one:
use secedit - run this command:
C:\>secedit /export /CFG "%systemroot%\temp\user
rights.txt" /areas USER_RIGHTS
open "%systemroot%\temp\user rights.txt"
Act as part of the operating system = setcbprivilege
one up from the end:
(nobody has the privilge) = setcbprivilege =
(administrators have prv) = setcbprivilege = *S-1-5-32-544
S-1-5-32-544 = administrators. multiple users are separated
by a comma.
two:
use the registry - goto:
HKEY_LOCAL_MACHINE\SECURITY\Policy\Accounts\S-1-5-32-544\Privilgs\@
the security key has permissions to allow only system to
access by default, thus your program will need to be either
running at system level (service) or as administrator so
the acls can be changed to allow access.
privilgs: of varible length from 19 bytes, it covers the
remaining options in "user rights assignment" the first
byte determines the number of privileges the user(group)
has. the first privilege is located at offset 8 and then at
c(12) intervals thereafter. the values appear to be in no
particular order. space inbetween is filled with 00, which
unless they are used for something is quite a waste of
data. the entry is filled with 00 untill the end of that c
block.
07 - act as part of the operating system
if you want to know about some other settings, check here:
http://www.beginningtoseethelight.org/ntsecurity/
i aplogize for the article because it was written a few
years ago and my understanding has increased, the page
needs an update/expansion.
three:
do some searches for "setcbprivilege" as there maybe a more
elegant way of querrying (and setting) the option.
>-----Original Message-----
>I would like to check if administrators have the right to
"Act as Part of
>Operating System".
>
>
>"Peter Clark" <clark@hushmail.com> wrote in message
>news:030701c30caa$4ff73300$a601280a@phx.gbl...
>> local security policies are stored in the registry - they
>> are also stored in the secedit.sdb file from which they are
>> refreshed from. what polices are you interested in
>> querrying? if you want to do it programmatically you could
>> try exporting and importing the configuration with
secedit.exe
>>
>>
>> >-----Original Message-----
>> >I have an applications that needs a few "local security
>> policies" set for it
>> >to work correctly. I was hoping to be able to query the
>> settings, but it
>> >doesn't look like they are stored in the registry. Does
>> anyone know if I
>> >can programmatically query those policies?
>
>
>.
>
- Next message: Tim Vieweg: "certs."
- Previous message: Jeff Cochran: "Re: Hard Systems Crash and all passwords apparently deleted"
- In reply to: Colin: "Re: "Local Security Policy", Is it stored in registry?"
- Next in thread: Nick Finco [MSFT]: "Re: "Local Security Policy", Is it stored in registry?"
- Reply: Nick Finco [MSFT]: "Re: "Local Security Policy", Is it stored in registry?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
