Re: Remotley managing XP Pro systems

From: Steven L Umbach (n9rouz_at_nscomcast.net)
Date: 11/02/03 

Date: Sun, 02 Nov 2003 20:04:08 GMT

Thanks for your interesting thoughts. I am about out of ideas. It would be
interesting to see if he would have success administering from a like configured XP
machine. --- Steve

"Roger Abell" <mvpNOSpam@asu.edu> wrote in message
news:uCxkqnXoDHA.2820@TK2MSFTNGP10.phx.gbl...
> It seems that we are seeing a small number of these
> "selective" remoting issues. I am just wondering what
> added tightening, perhaps in recent RPC patches, have
> forced more restrictive tolerances on what SSPI negotiation
> is acceptible for which administrative access.
> Here I was thinking that downlevel security provider might
> be accepted for network share type accesses (event log,
> file shares, etc.) but not for COM/WMI based accesses.
>
> Needless to say, I have noticed us both banging our heads
> against these posts.
>
> --
> Roger
>
> "Steven L Umbach" <sumbach55@ameritech.net> wrote in message
> news:n6bpb.9185$8x2.5534539@newssrv26.news.prodigy.com...
> > I was thinking that too, but he can access administrative shares and
> manage
> > users which tells me that lan man level is compatible yet he can not
> access
> > Event Viewer logs or parts of the registry. I know there is a security
> > option for registry access paths via netwok, but the part about not
> > accessing Event Viewer is curious since he can access it locally??
> Probably
> > a packet capture of the sequence would help. --- Steve
> >
> > "Roger Abell" <mvpNOSpam@asu.edu> wrote in message
> > news:ur#4qFWoDHA.372@TK2MSFTNGP11.phx.gbl...
> > > Just curious on this, but in the XP policy for lanmanager
> > > protocols is the XP set to allow NTLM v2 or is it in
> > > the often seen default of LM and NTLM (which excludes
> > > NTLM v2) ?
> > >
> > > --
> > > Roger Abell
> > > Microsoft MVP (Windows Server System: Security)
> > > MCSE (W2k3,W2k,Nt4) MCDBA
> > > "Jack Wray" <jackwray@cox.net> wrote in message
> > > news:%23pxD83LoDHA.2868@TK2MSFTNGP09.phx.gbl...
> > > > Steve,
> > > >
> > > > NT 4.0 domain.. Admin machine is windows 2000. And the local security
> > > > policies are pretty close to default. Still looking.. thanks agian for
> > > your
> > > > help
> > > >
> > > >
> > > > "Steven L Umbach" <n9rouz@nscomcast.net> wrote in message
> > > > news:6RRob.61000$ao4.161833@attbi_s51...
> > > > > You say you are in a NT domain - do you mean NT4.0? What is the
> > > operating
> > > > system is
> > > > > on the computer that you are using to try to access from? Are the XP
> > > > machines using
> > > > > default Local Security Policy configuration or close to it? ---
> > Steve
> > > > >
> > > > >
> > > > > "Jack Wray" <jackwray@cox.net> wrote in message
> > > > > news:utbSeeIoDHA.688@TK2MSFTNGP10.phx.gbl...
> > > > > > Steve,
> > > > > >
> > > > > > This is what i have come up with so far.
> > > > > >
> > > > > > Not able to access the following remotely
> > > > > > Event Logs
> > > > > > Registry keys beyond HKLM ( can see the subkeys but not able to
> open
> > > > them)
> > > > > > Processes
> > > > > >
> > > > > > I can access the following
> > > > > > User & Groups ( manage them as well )
> > > > > > User rights policies ( manage as well )
> > > > > > Admin shares ( full access )
> > > > > >
> > > > > > So, file and print sharing is working, remote registry service is
> > > > running