Re: Remotley managing XP Pro systems
From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 11/02/03
- Next message: Guy: "Rpc System Shut Down Msg"
- Previous message: Roger Abell: "Re: industry"
- In reply to: Steven L Umbach: "Re: Remotley managing XP Pro systems"
- Next in thread: Steven L Umbach: "Re: Remotley managing XP Pro systems"
- Reply: Steven L Umbach: "Re: Remotley managing XP Pro systems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 2 Nov 2003 12:46:05 -0700
It seems that we are seeing a small number of these
"selective" remoting issues. I am just wondering what
added tightening, perhaps in recent RPC patches, have
forced more restrictive tolerances on what SSPI negotiation
is acceptible for which administrative access.
Here I was thinking that downlevel security provider might
be accepted for network share type accesses (event log,
file shares, etc.) but not for COM/WMI based accesses.
Needless to say, I have noticed us both banging our heads
against these posts.
-- Roger "Steven L Umbach" <sumbach55@ameritech.net> wrote in message news:n6bpb.9185$8x2.5534539@newssrv26.news.prodigy.com... > I was thinking that too, but he can access administrative shares and manage > users which tells me that lan man level is compatible yet he can not access > Event Viewer logs or parts of the registry. I know there is a security > option for registry access paths via netwok, but the part about not > accessing Event Viewer is curious since he can access it locally?? Probably > a packet capture of the sequence would help. --- Steve > > "Roger Abell" <mvpNOSpam@asu.edu> wrote in message > news:ur#4qFWoDHA.372@TK2MSFTNGP11.phx.gbl... > > Just curious on this, but in the XP policy for lanmanager > > protocols is the XP set to allow NTLM v2 or is it in > > the often seen default of LM and NTLM (which excludes > > NTLM v2) ? > > > > -- > > Roger Abell > > Microsoft MVP (Windows Server System: Security) > > MCSE (W2k3,W2k,Nt4) MCDBA > > "Jack Wray" <jackwray@cox.net> wrote in message > > news:%23pxD83LoDHA.2868@TK2MSFTNGP09.phx.gbl... > > > Steve, > > > > > > NT 4.0 domain.. Admin machine is windows 2000. And the local security > > > policies are pretty close to default. Still looking.. thanks agian for > > your > > > help > > > > > > > > > "Steven L Umbach" <n9rouz@nscomcast.net> wrote in message > > > news:6RRob.61000$ao4.161833@attbi_s51... > > > > You say you are in a NT domain - do you mean NT4.0? What is the > > operating > > > system is > > > > on the computer that you are using to try to access from? Are the XP > > > machines using > > > > default Local Security Policy configuration or close to it? --- > Steve > > > > > > > > > > > > "Jack Wray" <jackwray@cox.net> wrote in message > > > > news:utbSeeIoDHA.688@TK2MSFTNGP10.phx.gbl... > > > > > Steve, > > > > > > > > > > This is what i have come up with so far. > > > > > > > > > > Not able to access the following remotely > > > > > Event Logs > > > > > Registry keys beyond HKLM ( can see the subkeys but not able to open > > > them) > > > > > Processes > > > > > > > > > > I can access the following > > > > > User & Groups ( manage them as well ) > > > > > User rights policies ( manage as well ) > > > > > Admin shares ( full access ) > > > > > > > > > > So, file and print sharing is working, remote registry service is > > > running > > > > > and the machine knows that i have admin rights. I will keep looking > > but > > > any > > > > > ideas would be helpful. > > > > > > > > > > "Jack Wray" <jackwray@cox.net> wrote in message > > > > > news:exkOLNCoDHA.424@TK2MSFTNGP10.phx.gbl... > > > > > > thanks Steve, > > > > > > > > > > > > I will give it a shot in the morning and let you know... BTW, i > can > > > access > > > > > > all the mentioned thing interactively so it is a remote access > > issue.. > > > > > > Anyways, i will let you know. > > > > > > > > > > > > thanks again for the quick response. > > > > > > > > > > > > Jack > > > > > > "Steven L Umbach" <n9rouz@nscomcast.net> wrote in message > > > > > > news:h3Cob.71843$Fm2.57525@attbi_s04... > > > > > > > By logging on locally, I meant interactive logon with the same > > > domain > > > > > > administrators > > > > > > > account you are using to try to gain remote access. --- Steve > > > > > > > > > > > > > > "Steven L Umbach" <n9rouz@nscomcast.net> wrote in message > > > > > > > news:9_Bob.71991$HS4.630314@attbi_s01... > > > > > > > > I would first logon to one of those machines locally to see if > > you > > > can > > > > > > do those > > > > > > > > tasks. If you can then it is a network access problem and the > > > things > > > > > I > > > > > > would check > > > > > > > > are on XP computer are. -- The ICF firewall needs to be > disabled > > > or > > > > > any > > > > > > ipsec > > > > > > > > policies blocking ports for file and print sharing. File and > > print > > > > > > sharing needs to > > > > > > > > be installed/bound and the server service running. Remote > > registry > > > > > > service needs to > > > > > > > > be running. You need the user right to access this computer > from > > > the > > > > > > network on > > > > > > > those > > > > > > > > computers. If none of that pans out try temporarily disabling > > the > > > four > > > > > > security > > > > > > > > options for "digitally sign communications" if you are > accessing > > > from > > > > > a > > > > > > W2K > > > > > > > > chine. --- Steve > > > > > > > > > > > > > > > > > > > > > > > > "Jack Wray" <jackwray@cox.net> wrote in message > > > > > > > > news:%2356HgAAoDHA.1296@TK2MSFTNGP09.phx.gbl... > > > > > > > > > All, > > > > > > > > > > > > > > > > > > I am having an issue with xp systems on my network. All > > systems > > > are > > > > > > joined > > > > > > > > > to a NT domain. All systems have domain admins in the local > > > admin > > > > > > group. > > > > > > > > > However, all systems are showing the same problem, access > > denied > > > to > > > > > > the even > > > > > > > > > logs and registry. I use many scripts to monitor patches and > > > access > > > > > to > > > > > > the > > > > > > > > > registry is a must..Needless to say, access to the even logs > > is > > > nice > > > > > > too :) > > > > > > > > > > > > > > > > > > I have looked into the force guest policy and that's not > it.. > > > Any > > > > > idea > > > > > > would > > > > > > > > > be great. > > > > > > > > > > > > > > > > > > Jack > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >
- Next message: Guy: "Rpc System Shut Down Msg"
- Previous message: Roger Abell: "Re: industry"
- In reply to: Steven L Umbach: "Re: Remotley managing XP Pro systems"
- Next in thread: Steven L Umbach: "Re: Remotley managing XP Pro systems"
- Reply: Steven L Umbach: "Re: Remotley managing XP Pro systems"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
