DCOM - Allowing Remote Anonymous Access

TheMSsForum.com: The Microsoft Software Forum

The MSS Forum ‹ Security
- Archive
  - Biz
  - MCSE
  - CRM
  - Drivers
  - Framework
  - ADO
  - ASP
  - Compact
  - Forms
  - Dotnet
  - C#
  - VB
  - FontpageGen
  - Excel
  - WorkSheet
  - Exchange
  - Setup
  - Fox
  - Fontpage
  - ASP
  - IIS
  - Entourage
  - Money
  - Messanger
  - PocketPC
  - Powerpoint
  - Project
  - Publisher
  - Excel
  - VB
  - Security
  - Portal
  - Services
  - SQLServerDev
  - SVCS
  - SQLServer
  - VB
  - VC
  - MFC
  - ExcelGen

- Previous
  - 1
    - Surfing with User privileges Apparently a person cannot use these newsgroups operating their computer without administrator privileges. Just now I tried to post a new message with only limited privileges and could not get the dialog box for writing the new post to come up. This limitation hinders good security practice. I turned on the â??allow pop-ups from this siteâ?? but that didnâ??t work, and I turned on â??temporarily allow pop-ups from this siteâ?? but that didnâ??t do it either! In our home and business we are trying to use our computers with limited privileges more and more, to protect the current Windows setup and avoid spyware and adware. If programs used daily wonâ??t operate properly with these limited rights it makes operation frustrating. Russ Tag: DCOM - Allowing Remote Anonymous Access Tag: 80873
  - 2
    - OneCare Live file sharing Windows OneCare Live has firewall settings to allow file sharing with the local subnet only- a good idea! But it doesn't seem to work. On my home network with three PCs, file sharing worked fine until installing OneCare on the new HP notebook. Now this machine won't share anything, though the settings say that the firewall is configured for file sharing. Have others had this problem? A few days later I opened the firewall settings to allow sharing with all computers (even those on the internet, (as it warns)) and it does share with the home computers all right. Does this local subnet restriction not work correctly in OneCare Live? The notebook computer has XP Home and the others have XP Professional. May this be the difference? Russ Tag: DCOM - Allowing Remote Anonymous Access Tag: 80872
  - 3
    - Windows One Care Beta I downloaded WOC Beta and about 2 weeks later uninstalled it. After uninstall, reboot, and sign on (and every sign on since) I get an error message that says: Windows cannot find 'C:\WINDOWS\Nail.exe' . Make sure you typed the name correctly, and then try again....When I did a search for the file I found it. It was a quarantineed file by WOC Beta. It let me delete the file, but I still get this warning each time I sign on. How do I get rid of this warning? Thank you. Alex. Tag: DCOM - Allowing Remote Anonymous Access Tag: 80869
  - 4
    - Kama Sutra / W32.Blackmal.E worm questions I have Norton AV and it was updated on Jan. 17 2006 with the entry: W32.Blackmal.E@mm CME-24, Win32.Blackmal.F [Computer Associates], Email-Worm.Win32.Nyxem.e [F-Secure], Email-Worm.Win32.Nyxem.e [Kaspersky], W32/MyWife.d@MM [McAfee], W32/MyWife.d@MM!M24 [McAfee], W32/Small.KI@mm [Norman], Tearec.A [Panda Software], W32/Nyxem-D [Sophos], WORM_GREW.{A, B} [Trend Micro] Will I be okay no matter what? Is there a way you can get this worm without opening email attachments? I just saw a CNN report where they did not mention that you can get it by opening attachments. But the mainstream media doesn't explain these things very well. Tag: DCOM - Allowing Remote Anonymous Access Tag: 80853
  - 5
    - Has my Hotmail account been infiltrated? Hi I have a serious problem that I believe may be some form of identity theft and breach of security. I have been informed by a few people that I know that they have received emails, allegedly from me, which usually have the following traits: 1. they are from my Hotmail account and name, although the name on these emails has only my first initial instead of my full name that all my email accounts and client are set to 2. they are usually blank, but one or two reports that they had attachments 3. the subject line includes the phrase "Not read:" and is often followed by subject line text that had been in previous emails between myself and them. I am using a Mac with Microsoft Entourage as my primary email client. I have run both Norton Antivirus and MacScan and have found NO viruses, spyware or keyloggers. I have turned on OS X's firewall and I frequently clear all my browser caches and cookies. I have changed my Hotmail/MSN password. So far, this did not solve the problem. I do not use forwards nor multiple-address emails, and my contacts have zero connection to each other except through me. They do not receive emails from each other nor have each other as contacts. The only connection is through me. Does someone have access to my address and contacts somehow? This is very worrisome, your help is greatly appreciated... I have not received any response from Microsoft Security and this is very frustrating... I am worried someone can do some real damage. Tag: DCOM - Allowing Remote Anonymous Access Tag: 80844
  - 6
    - Default GPO I changed my default group policy setting for my Windows Firewall settings to Disable and now I can no longer see the Windows Firewall settings in my Group Policy Editor. Any help is appreciated! Tag: DCOM - Allowing Remote Anonymous Access Tag: 80843
  - 7
    - Testing MS Security Patches? Does anyone know of specific tests that should be performed before implementing MS security updates on production systems. I am a member of a large organization and we are trying to enhance our testing procedures before implementing MS security patches through out our production environments. Is there a document that shows what specific things should be considered? I'm looking for a guideline that displays how to validate that a security patch released by MS will not break any applications or the Operating System. Tag: DCOM - Allowing Remote Anonymous Access Tag: 80842
  - 8
    - backworm - way to keep safe if the domain policy means that users are only allowed to run programs from a limited list of programs (set up using the gpedit.msc) does this mean that we are safe(r) from the blackworm. indeed, does this mean that most viruses would fail to run? thanks, kevin Tag: DCOM - Allowing Remote Anonymous Access Tag: 80841
  - 9
    - Stumped by Image Displayed in Preview Pane This morning I received a piece of SPAM. No big deal. I get that on occassion, but this one had somehow managed to circumvent the security feature in Outlook that prevents images from downloading and displayed Lisa and Bart (Simpson) all smiles going at it doggie style with the caption "Your Baby's on the hook now..." Not sure what they were trying to promote, but I digress... The src attribute value of the img tag was "cid:000701c622b1$dc702290$87d4fea9@VAIO". It doesn't even look like a path. How does this path circumvent the feature to not display images? How does it even work? If I copy and paste this "path" into an HTML email and send it to myself, it does not even work, but somehow it presents an image in the original email and one that does not even have to be downloaded. I forwarded it to GMail and it displayed there as well. Very odd. Does anybody have any idea how this is pulled off? -- The only thing that sucks worse than ________ is apathy about _________. Tag: DCOM - Allowing Remote Anonymous Access Tag: 80839
  - 10
    - Recommendations for 'Anonymous Surfing' Hello all, Iâ??ve searched for relevant posts on my subject, but seeing none, I then ask this question: I am thinking of installing â??anonymousâ?? Web Surfing software on my home Network. My network consists of a Linksys Wireless cable gateway, a desktop, and a laptop which are running under XP Pro. I use both IE and Firefox 1.5, and I have the McAfee Security Suite running (Personal Firewall, Privacy Service, and Virus scan). I also use your hosts file. I see products out there such as â??Annonymizerâ?? Privoxy, and â??Ghostsurfâ??. My question is this: In the opinion of the MVPâ??s are these products â??safeâ?? to use with an XP system? Are there system compromises or unacceptable side effects of using anonymous software? Is this software any good, does it do what it says it will do, which is make me invisible on the net? Is there a â??betterâ?? product out there? Is it maybe just a dumb idea to try and be invisible on the net? Please notice that I asked you guys these questions BEFORE I purchased and installed the stuff, thus preventing me from writing a â??whoa is meâ?? post. Iâ??d like you all to know that I am learning something here! Opinions, please? And thank you in advance ! Tag: DCOM - Allowing Remote Anonymous Access Tag: 80832
  - 11
    - Problem with certificate authority Hello, i installed a certificat autority on Windows 2003 std SP1, when the service start i've got the error message bellow : "A Certification Authority cannot use a certificate template" (this message appear for each template).... in the event log ... The problem does not exist on a Windows 2003 without SP1. Any idea ?? thanks Tag: DCOM - Allowing Remote Anonymous Access Tag: 80830
  - 12
    - Security Experts Warn of Kama Sutra Worm (yet another MS worm) "Security analysts are warning computer users about a new and potentially destructive Internet worm that can obliterate important documents. The worm, called Kama Sutra, is making the rounds now, but is scheduled to execute its first massive attack on February 3. Detected last week, the malicious worm targets computers running Windows and spreads primarily by copying itself to shared network locations and then sending itself to e-mail addresses found on afflicted computers. With subject lines that read "the best videoclip ever," "give me a kiss," and "school girl fantasies gone bad," the worm entices computer users to open the attached file. " http://www.cio-today.com/news/Experts-Warn-of-Kama-Sutra-Worm/story.xhtml?story_id=12100465ZLIH Imhotep Tag: DCOM - Allowing Remote Anonymous Access Tag: 80822
  - 13
    - NTLM V2 in Windows 2003 Native Forest Does anyone know how to completely disable NTLM from a Native Windows 2003 Forest, apparently MS still needs NTLM even in Windows 2003. The problem we are trying to address is the security concerns with NTLM v2 not being an exception. It is widely felt that the MD5 & MD4 algorithms that it leverages are not secure enough..... We would like to completely eliminate NTLM communication including v2, apparently when a non-trusted client with proper use creds. tries to access something in a Native Windows2003 forest it still downgrades to NTLM... Any thoughts/hacks :-) appreciated. Tag: DCOM - Allowing Remote Anonymous Access Tag: 80819
  - 14
    - Shedule Task problem Hi, I'm running a Standard Edition SP1 with Exchange 2003 Standard SP1 and I have huge problems with my schedule task. I found out that the server was using 100% of CPU usage. After some test we found it was the Schedule service the one that was affecting the CPU usage so we disable it and everything worked just fine. The problem is that I can not even open the Schedule Task folder, when I tried to do this, the explorer freezes. I need to use the schedule task so I can make my backups, anyone can help me with this? Thank you. Tag: DCOM - Allowing Remote Anonymous Access Tag: 80815
  - 15
    - paranoid computer taken over??? when i went to verify my email address the first one i ran into was from microsoft....it wanted my to click on this link (https://commcenter.bresnan.net/SRedirect/profile.microsoft.com/RegSysProfileCenter/ConfirmEmail.aspx?lcid=1033&EmailEntered=billington%40bresnan.net&eck=%252boMI94ak2EWj2c0BLSUoYw&CP=2&brand=Microsoft&Wizid=74386565-ca25-47ba-8168-c42975812e84&fu=http%3a%2f%2fwww.microsoft.com%2fwn3%2faspx%2fpptredirect.aspx&Sec=1) the second email said microsoft customer support so i trusted that one ..........mmmmmm.........ahhh help.............. billington is paranoid........ Tag: DCOM - Allowing Remote Anonymous Access Tag: 80813
  - 16
    - How to get rid of unknown items.... i think my computers been taken over.... my operating system is windows xp home. but in sys info it says windows nt.. I know nt is the core of the system... my device profile makes my desktop look like a laptop... docking state unknown???? background keeps being changed from windows xp to windows xp (modified) also have emachines but it changes to bliss.. when you reset should your screen darken as it resets...also on advanced internet options the notify me if being redirected keeps getting unchecked..... should nt authority be listed as a user.... should my printer be listening (port 85) my email address is piperoller@bresnan.net and someone else has a net passport using that, i tried forgot password but could not reset because no matter how many times i typed the 6 letters it kept telling my email wrong or letters wrong..yet signed up fine on alternative email.... help........... PLUS have modern font in red that will not be deleted..... also should internet adress contain (redir)i believe updates are being stashed and i'm being told their installed............ has anyone heard of powerdvd RemoteControl,, or changer, or nvpdaemon,,, what about nview imposter... in registery,, also should font's be read in OEM..... why cant i unhide some files.??? help,,,,,, paranoid..................... also should the xp in windows be dark red??????? Tag: DCOM - Allowing Remote Anonymous Access Tag: 80812
  - 17
    - IIS 6, DMZ and antivirus Hi all, Is it current practice to install an antivirus software on an IIS 6.0 server even though it has been hardened and placed in a DMZ? Thanks Tag: DCOM - Allowing Remote Anonymous Access Tag: 80810
  - 18
    - External LDAPS connection help We are in the process of migrating off of Novell to windows and We have a unix box that runs scripts to create users and import them into the directory. Now we need to make that same script creat accounts in AD via ldaps. The problem is Im new to the certificate authority and all i need for testing purposes is how to create a cer and give it to the unix box so it can be trusted and log in with a user id to import users into AD. Thanks Tag: DCOM - Allowing Remote Anonymous Access Tag: 80809
  - 19
    - Spyware & Adware Should I be using more than 1 Adware & Spyware program? I was told to install at least 3 as they all fix different problems. Today I was told to only have one as they could be interferring with eachother. Tag: DCOM - Allowing Remote Anonymous Access Tag: 80801
  - 20
    - Detect what software is blocking connections Hello all! If this is offtopic, please advise of a better newsgroup, I thought this may be the right one. Our customers download and install our client/server based software on their computer. Many of our customers use Norton Internet Security and other types of software that block ours from connecting to the Internet. Sometimes the users don't know to click "Allow" and they block it then call us wanting to know why it's not working. My problem is that on some computers, we can find no software that is blocking connections but it is obviously happening. My question is does anyone know of any software out there that will tell you what program in memory is blocking network connections or acting as a firewall? Thanks so much! Matthew Tag: DCOM - Allowing Remote Anonymous Access Tag: 80798
  - 21
    - EFS and impersonated user Hello, I'm using Windows XP Pro (SP2) and I'd like to encrypt a folder using the API Advapi32 / EncryptFile using the credentials of a particular user different than the user logged in. I'm trying it impersonating the user first with the API Advapi32 / LogonUser, with different values in the parameters "Logon Type" and "Logon Provider". All cases, when I exec EncryptFile I get the error 87: invalid parameter. If I exec EncryptFile without impersonating the user all work ok and the folder is encrypted successfully related to my session user. Someone tells me that i'd have to load the user profile but I don't know how to do it during or after impersonating user. is it posible?, any idea? Thanks and best regards, Raul Truco Tag: DCOM - Allowing Remote Anonymous Access Tag: 80796
  - 22
    - EFS and impersonated user Hello, I'm using Windows XP Pro (SP2) and I'd like to encrypt a folder using the API Advapi32 / EncryptFile using the credentials of a particular user different than the user logged in. I'm trying it impersonating the user first with the API Advapi32 / LogonUser, with different values in the parameters "Logon Type" and "Logon Provider". All cases, when I exec EncryptFile I reach a the error 87: invalid parameter. If I exec EncryptFile without impersonating the user all work ok and the folder is encrypted successfully related to my session user. Someone tells me that i'd have to load the user profile but I don't know how to do it before. is it posible?, any idea? Thanks and best regards, Raul Truco Tag: DCOM - Allowing Remote Anonymous Access Tag: 80795
  - 23
    - Spyware & Adware I have been told to have at least 3 different spyare and adware programs on my computer as they each clean different problems out. Today I am now told to only use one as they fight with eachother and they will bog eachother down. What is the correct solution to successfully protect against all of the spyware & adware? Tag: DCOM - Allowing Remote Anonymous Access Tag: 80790
  - 24
    - Windows 2003 SP1 Hi, Did windows 2003 server SP1 up to date with all the security patches is more secure than windows 2003 server without SP1 but up to date with all the security patches? If yes - What changes causing this? Thanks, Nir Tag: DCOM - Allowing Remote Anonymous Access Tag: 80780
  - 25
    - infected? 1) Iâ??ve recently had a significant increase in the amount of spam getting through both the ATT and the MS Outlook spam filters. It frequently carries a subject line that I have used recently myself or the â??fromâ?? name or the subject are reminiscent of a personâ??s name or a topic that I have recently discussed in an e-mail. 2) Within the past 48 hours, shortcuts to IE and OL have not responded until I try them a second time. 3) Just now, when I tried to open IE, I got a dialogue box informing me that â??the operation can not be completed because yada-yada are missing.â?? A bit later it worked fine. I have just reverified the following: MS AntiSpyware is active. Norton Autoprotect is active. My virus definitions are dated 1/25/06. I have just visited MS Security Help, but didnâ??t find anything applicable. Yes, I clear my cache regularly. Every 24 hours or so. What else should I be checking? Thanks much! Tag: DCOM - Allowing Remote Anonymous Access Tag: 80768
- Next
  - 1
    - strange encryption behavior I am getting the following strange behavior in Outlook 2003 SP1 on XP Pro. I have previously received signed emails from my friend "Joe" who is in the GAL (although his certficicate is not in the GAL) I can see his certificate in Certificate Manager, under Other People, and it is reported there as OK. I have also previously sent him signed and encrypted emails successfully. *Sometimes* when I create a new email and select Joe from the GAL in the To field, activate the Sign and Encrypt buttons, type my message, and click Send I get: Microsoft Office Outlook had problems encrypting this message because the following recipients had missing or invalid certificates, or conflicting or unsupported encryption capabilities. I then go to a signed email I have previously received from Joe and reply to it, again making sure that the Sign and Encrypt buttons are activated. That works. Now I once again send a *new* email to Joe, as above. It now works. It continues to work for a while, then suddenly goes back into its old "problems encrypting this message" mode. What is going on here? I would prefer not putting the certificates into the GAL. I already tried the registry modifications recommended in: http://support.microsoft.com/?scid=kb;en-us;870564&spid=2520&sid=216#kb5 but it did not help. Tag: DCOM - Allowing Remote Anonymous Access Tag: 80765
  - 2
    - Certificate configuration on Windows 2k Hi, On Windows XP, I can use the httpcfg.exe tool to assign a certificate to a port. For example: httpcfg set ssl /i IP:Port /h Hash /g Guid How can I accomplish the same task in Windows2k? Thanks, John Tag: DCOM - Allowing Remote Anonymous Access Tag: 80762
  - 3
    - Net Logger Pro Net Logger Pro tracks AOL, ICQ, IRC, MSN and Yahoo messengers , WWW, FTP and E-mail activities, classifies all collected information and sends it to your e-mail address or mobile phone, provides real time access to all incoming information on your PC. We would appreciate all you comments, critique and requests concerning operation and features of the Net Logger Pro. Thank you, Dual Software http://www.solidlabs.com/net/netlogger/ Tag: DCOM - Allowing Remote Anonymous Access Tag: 80745
  - 4
    - .NET Windows Forms Control hosted in web page I have a .NET 1.1 Windows Forms control that I built and have hosted it in a web page using the <OBJECT/> element. The control is used for downloading files to the users local system. I provided users with a .msi file which only added a code group to the machine-level runtime security policy to enable the control to run. The code group granted full trust to the intranet site hosting the control. Everything was working fine until our company pushed .NET Framework 2.0 out to all of the users stations, including mine. After this update the .NET control in this web page stopped working. The rectangle where the control would appear remains blank with a red/blue/green icon in the upper left-hand corner. My assumption was that the security configurations for .NET 2.0 were not configured and may be causing the 1.1 assy to not run. I installed the .NET 2.0 SDK and did a small test by adding the website manually to my 2.0 configuration in the same manner as 1.1. The control worked... I proceeded to create a 2.0 installer that users could run in addition to the 1.1 installer, but when I tested it again I could not get the 1.1 control to appear in my web page. I then migrated the control to 2.0 hoping that with the 2.0 settings correct and the control in 2.0 everything would work, but again I could not get the control to load. So a few questions: 1 - is this a bug? does the security in this case have to be configured in both 1.1 and 2.0 to allow a control hosted in a web page to run? 2 - If yes to the first question, is there a way to do all of this from one setup routine? Or does there need to be one in the 1.1 version and another one in the 2.0 version? I could not figure out how to iterate through both policy configurations from either 1.1 or 2.0. PLEASE HELP! I am desparate for a solution and my users are patiently waiting for this to start working again... thank you. Tag: DCOM - Allowing Remote Anonymous Access Tag: 80737
  - 5
    - Remote Attack? Modem security I was using my computer off-line when the phone rang and through my speakers I heard the modem pick-up & a computer/fax signal. (I have a Dell Win. XP SP-2, with a dial-up connection and CA eTrust Personal Firewall.) When I checked the eTrust logs, I found that several inbound communications had been blocked including two attempts were made (at about the same time as I heard my modem pick up) originating from DNS source: "dedicated67.fastcolocation.net". I was concerned when I heard my modem respond without my log on. Apparently, the etrust firewall blocked it, but why was another computer able to call my machine and have it pick-up the phone? Is this a symptom of a greater security threat? Tag: DCOM - Allowing Remote Anonymous Access Tag: 80733
  - 6
    - Re: NTFS folder permissions - Creator Owner issue (I think) Sorry, this clearly doesn't make any sense. Please disregard. Paul "Paul Baker" <paulb@online.rochester.rr.com> wrote in message news:... > Can't you simply add a CREATOR OWNER access control which denies delete > permissions? This will override any allow permissions. > > Paul > > "F Laufs" <FLaufs@discussions.microsoft.com> wrote in message > news:C7ED4834-1C38-4056-A2F4-DB5722435131@microsoft.com... >> Yes, I figured out that if I took the creator owner placeholder out of >> the >> list then I woudlnt have this problme from reading other peoples posts. >> However, I am using the creator owner placeholder to ensure that staff >> can >> only delete their own files and folders and not other peoples. >> >> Users get Read & Execute, List Folder Contents, Read and Write, and the >> Creator-Owner gets Modify. >> >> Maybe there's another way of getting the same result? >> >> Regards, >> >> Fiona >> >> "Paul Baker" wrote: >> >>> Are you aware that you can prevent permissions being given to the >>> Creator >>> Owner when they create a folder simply by removing the CREATOR OWNER >>> access >>> control. It's default, not hardcoded, behaviour. >>> >>> Paul >>> >>> "F Laufs" <FLaufs@discussions.microsoft.com> wrote in message >>> news:66363F0F-1388-4A12-89DB-97761A246275@microsoft.com... >>> > Roger, >>> > >>> > Sorry, I was confusing the issue by calling it a group - I do realise >>> > its >>> > a >>> > placeholder. From what you're telling me an owner has rights that >>> > cannot >>> > be >>> > overridden. As we are allowing staff to create subfolders (they then >>> > become >>> > the owner), we will not be able to prevent them having the rights of >>> > an >>> > owner, which seems to include the right to change permissions whether >>> > we >>> > want >>> > them to have that right or not. >>> > >>> > Anyway, thanks for all your patience and help. >>> > >>> > Regards, >>> > >>> > Fiona >>> > >>> > >>> > "Roger Abell [MVP]" wrote: >>> > >>> >> >>> >> "F Laufs" <FLaufs@discussions.microsoft.com> wrote in message >>> >> news:266F5017-7818-439A-A60A-7D9B3498BBE3@microsoft.com... >>> >> > Roger, >>> >> > >>> >> > Thank you very much for your help. >>> >> > >>> >> > You're saying that this group can change permissions even when not >>> >> > expressly >>> >> > granted the permission to change permissions or denied it, but I >>> >> > have >>> >> > never >>> >> >>> >> No, that is not what I said. >>> >> I said that the owner of an object can change the object's permission >>> >> whether the owner is (directly or indirectly) granted that >>> >> permissions or >>> >> even whether explicitly denied that permissions. >>> >> I did not state this about the Creator Owner "group" but about the >>> >> Owner. >>> >> >>> >> > read this anywhere, and can't seem to find any documentation on it >>> >> > on >>> >> > the >>> >> > net. (I do believe you as I have seen the results!) I'd like to >>> >> > read >>> >> > up >>> >> > on >>> >> > the rights that this group has that I am not aware of. >>> >> > >>> >> >>> >> It is not really a group, although it appears like one. >>> >> Creator Owner is a placeholder. You will find its use is normally >>> >> set >>> >> to inherit onto contained/child objects. When a new object is >>> >> created >>> >> the grant to Creator Owner becomes a real grant to the creator or the >>> >> permissions stated with the Creator Owner grant on the container. >>> >> The account that creates the object does become owner, and does >>> >> have the rights of an owner, not matter what is or is not granted >>> >> with >>> >> the use of Creator Owner. >>> >> >>> >> > We would really like to prevent users changing the permissions on >>> >> > folders >>> >> > because they tend to lock themselves and IT support out of them. >>> >> > Do >>> >> > you >>> >> > know >>> >> > of any method of doing this? >>> >> > >>> >> >>> >> You must take away ownership and then the NTFS security permissions >>> >> will control their actions. While they own (as they do of anything >>> >> they >>> >> create) >>> >> you can only hinder, not prevent. >>> >> >>> >> >>> >> > "Roger Abell [MVP]" wrote: >>> >> > >>> >> >> >>> >> >> "F Laufs" <FLaufs@discussions.microsoft.com> wrote in message >>> >> >> news:77E028E8-8366-4069-A32A-F71710489B04@microsoft.com... >>> >> >> > Hi all, >>> >> >> > >>> >> >> > I need to set up the permissions on a folder so that: >>> >> >> > >>> >> >> > For users in Group 1: >>> >> >> > Anyone can create a file or subfolder. >>> >> >> > Anyone can edit any file. >>> >> >> > Anyone can copy and paste any file or subfolder. >>> >> >> > Only the owner can, delete, rename or move a file or folder >>> >> >> > Anyone can view permissions >>> >> >> > Noone can change permissions or take ownership >>> >> >> > >>> >> >> >>> >> >> I doubt that that combination can be attained. >>> >> >> The issue is in that some files are changed by use of a temp >>> >> >> file that is renamed with the original deleted. >>> >> >> >>> >> >> > For users in Group 2: >>> >> >> > They can create, edit, copy and paste, delete, rename or move >>> >> >> > any >>> >> >> > file >>> >> >> > or folder, and view permissions. >>> >> >> > They can not changer permissions or take ownership >>> >> >> > >>> >> >> > For Group 1, I ticked R&E, List, R and W in basic settings, and >>> >> >> > then >>> >> >> > added >>> >> >> > a >>> >> >> > Creator Owner group to which I gave modify rights. This got me >>> >> >> > pretty >>> >> >> > close >>> >> >> > to what I need, except: >>> >> >> > >>> >> >> > (1) when trying to move a file or folder, an error message >>> >> >> > appears >>> >> >> > as >>> >> >> > expected for the file, but the folder error message says >>> >> >> > '...cannot >>> >> >> > copy...' >>> >> >> > and then copies just the folder. I suppose it doesn't actually >>> >> >> > move >>> >> >> > it >>> >> >> > but >>> >> >> > this will be confusing for the users >>> >> >> > >>> >> >> > (2) test user can change the permissions on own folders, >>> >> >> > definitely >>> >> >> > what I >>> >> >> > don't want. (On checking the advanced permissions it explicitly >>> >> >> > shows >>> >> >> > that >>> >> >> > change permissions is NOT ticked) >>> >> >> >>> >> >> The owner can always change permissions even when they are not >>> >> >> granted the permission to change permissions or denied it. Think >>> >> >> of >>> >> >> the permission to change permissions as something only important >>> >> >> for non-owners. >>> >> >> >>> >> >> > >>> >> >> > For permission set 2 I was thinking of giving Modify permissions >>> >> >> > but, >>> >> >> > again, >>> >> >> > this allows users to change permissions on their own folders. >>> >> >> > >>> >> >> >>> >> >> It is not the Modify grant that allows this but being owner that >>> >> >> does. >>> >> >> >>> >> >> > I wonder if there is a simple explanation? >>> >> >> > >>> >> >> > Regards >>> >> >> > >>> >> >> > Fiona Laufs >>> >> >> > >>> >> >> >>> >> >> >>> >> >> >>> >> >>> >> >>> >> >>> >>> >>> > > Tag: DCOM - Allowing Remote Anonymous Access Tag: 80716
  - 7
    - Auditing Workstation logons from DC I am trying to see workstation interactive logins in the Windows 2003 DC event viewer but am not seeing the events. I am seeing Remoteinteractive as well as interactive directly into the Domain Controller itself. However workstation computers that are a member of the domain are not registering event 528 or 539 type 2's in the event viewer. I have Domain Security Settings for Audit account logon to Success and Audit logon events to success. I have Domain Controller Settings to audit account logon to Success and Failure and Audit Logon to Success and Failure. I am running Windows 2003 Small Business Server. Tag: DCOM - Allowing Remote Anonymous Access Tag: 80714
  - 8
    - accessing a website Hi, I just installed AntiSpyware Beta 1 and have not been able to access a particular website. No problems with any other website. I had no issues prior to the spyware installation. The website does not show up on the blocked events site. Can anyone help? Thank you, Suzanne Tag: DCOM - Allowing Remote Anonymous Access Tag: 80711
  - 9
    - Auditing user login/logoffs I have a windows 2003 small bus server domain. How do I audit for user login and logoffs. Even better, how to I filter the massive security log to view the login/logoff events for users just logging into their workstations and logging out of their workstations?? Tag: DCOM - Allowing Remote Anonymous Access Tag: 80707
  - 10
    - Domain Administrator cannot logon to SBS 2003 LOCALLY Hi, I have a serious error with one of my servers. It is a SBS Server 2003 running a domain, dns, dhcp and AD. Up until late last year I have not had any issues with this, no new software or hardware has been added either in the past 6 months. I noticed that the daily backups were failing so I tried to logon to the server locally as domain administrator, and the server poped up a message 'The user has not been granted the requested logon type at this machine' ! So I tried to remote desktop in to the server and to my susprise I logged on successfully as domain administrator. I have got veritas backup exec 10 installed and the services run as domain/Administrator, backup exec was reporting that backups could not be run using this account as login access was not granted for the domain\administator !!!! So I started to look at the event viewer, and found this log from when I tried to logon locally: Event Type: Failure Audit Event Source: Security Event Category: Logon/Logoff Event ID: 534 Date: 24/01/2006 Time: 09:31:58 User: NT AUTHORITY\SYSTEM Computer: CMI-SERVER Description: Logon Failure: Reason: The user has not been granted the requested logon type at this machine User Name: Administrator Domain: CMI Logon Type: 2 Logon Process: Advapi Authentication Package: Negotiate Workstation Name: CMI-SERVER Caller User Name: CMI-SERVER$ Caller Domain: cmi Caller Logon ID: (0x0,0x3E7) Caller Process ID: 4168 Transited Services: - Source Network Address: - Source Port: - Any help on this matter would a god send, as I have been searching all over the place for the event error 534 and cannot find anyone with a simular problem. I have check the local security policy and everything looks in order. Kind Regards Matt Tag: DCOM - Allowing Remote Anonymous Access Tag: 80700
  - 11
    - cipher.exe with imporsonated user Hello friends, I have a big doubt and i wish you could help me. I'm using Windows XP Pro (SP2) and I'd like to encrypt a folder using the tool cipher.exe but using the credentials of a particular user different than the user logged in. I'm trying it impersonating the user first with the API Advapi32 / LogonUser , using diferent value for the parameters "Logon Type" and "Logon Provider". After impersonating the correct user i execute the command: cipher.exe /E /S:c:\test /A but the folder is encrypted related to the user logged in in the session, no with the impersonated user. I have tried too with the API Advapi32 / CreateProcessWithLogonW, with the option "Logon with profile", but i don't get to work, is it posible?, any idea? Thanks very much, Raul truco Tag: DCOM - Allowing Remote Anonymous Access Tag: 80699
  - 12
    - TechNet - for IT professionals only? -- Thanks, Maria Tag: DCOM - Allowing Remote Anonymous Access Tag: 80682
  - 13
    - Digital ID and automatic encryption to certain contacts Is there a way to automatically sign and encrypt email in Outlook via S/MIME and Digital IDs to certain contacts all the time without having to manually check on each email. We do not wat to set these settings for every email due to the message you must choose "send unencypted" each time. Thanks in advance for your time!! Tag: DCOM - Allowing Remote Anonymous Access Tag: 80673
  - 14
    - Hacked or.....Would appreciate expert help This is a repost of question. I would sincerely appreciate someone reviewing the event log below, and confirming if it is the result of a hacker. It occurred during non-business hours, and I am reasonably certain no one was in the office. All computers are password protected. Could a power outage have caused this? Thank you for any help you can offer. Logon Process Name: CHAP" 1/14/06 4:13:12 PM Security Failure Audit Logon/Logoff 529 NT AUTHORITY\SYSTEM COLONY1 "Logon Failure: Reason: Unknown user name or bad password User Name: Colony Domain: COLONY1 Logon Type: 2 Logon Process: Advapi Authentication Package: Negotiate Workstation Name: COLONY1" 1/14/06 4:13:13 PM Security Success Audit System Event 515 NT AUTHORITY\SYSTEM COLONY1 "A trusted logon process has registered with the Local Security Authority. This logon process will be trusted to submit logon requests. Logon Process Name: LAN Manager Workstation Service" 1/14/06 4:13:14 PM Security Success Audit Policy Change 806 NT AUTHORITY\SYSTEM COLONY1 "Per User Audit Policy was refreshed. Number of elements: 0 Policy ID: (0x0,0xCBB9) " Logon Process Name: KSecDD" 1/14/06 4:13:16 PM Security Success Audit System Event 515 NT AUTHORITY\SYSTEM COLONY1 "A trusted logon process has registered with the Local Security Authority. This logon process will be trusted to submit logon requests. 1/14/06 4:13:16 PM Security Success Audit System Event 515 NT AUTHORITY\SYSTEM COLONY1 "A trusted logon process has registered with the Local Security Authority. This logon process will be trusted to submit logon requests. 1/14/06 4:13:22 PM Security Success Audit Logon/Logoff 528 NT AUTHORITY\LOCAL SERVICE COLONY1 "Successful Logon: User Name: LOCAL SERVICE Domain: NT AUTHORITY Logon ID: (0x0,0x3E5) Logon Type: 5 Logon Process: Advapi Authentication Package: Negotiate Workstation Name: Logon GUID: {00000000-0000-0000-0000-000000000000}" 1/14/06 4:13:22 PM Security Success Audit Privilege Use 576 NT AUTHORITY\LOCAL SERVICE COLONY1 "Special privileges assigned to new logon: User Name: LOCAL SERVICE Domain: NT AUTHORITY Logon ID: (0x0,0x3E5) Privileges: SeAuditPrivilege SeAssignPrimaryTokenPrivilege SeChangeNotifyPrivilege" Tag: DCOM - Allowing Remote Anonymous Access Tag: 80672
  - 15
    - WebDav in IIS 6 Hi, I'm implementing Webdav in IIS 6, and I give to the virtual directory the fallow NTFS permisssions: to my group (special - read & execute, read, list folder contents, create files / write data, create folders /append data), to iusr_machinename I give Deny Write. When I call the URL and clic the option Open as Web Folder, the IE ask my credentials (user anda password), what is the right thing. But when I call the URL in IE to see what I have in the virtual directory, the credentials are asked to, but in this case I donÂ´t want that the credentials are asked, because the virtual directory is to be acessed (just to read) by anonymous users. In the tab Directory Security, I have selected the option Anonymous acess. Can you help me with this? Thanks Tag: DCOM - Allowing Remote Anonymous Access Tag: 80665
  - 16
    - Using CUSRMGR from Win 2K Resource Kit for Mass Admin Password Cha I'm attempting to use CUSRMGR for changing admin passwords on over 800 PC's. It works just fine as long as you don't go over 12 characters. The problem is it has now been mandated that all local admin passwords be 15 characters long. CUSRMGR cuts off the last 3 characters. Any way around this? Tag: DCOM - Allowing Remote Anonymous Access Tag: 80664
  - 17
    - PGP vs Digital IDs We need to encrypt email btween a customer of ours and us. I have been looking at options. We are footing the bill. It will begin with a single address here and one customer with three email addressses. We will expand this to over 20 customers if things go well. This will get expensive so we want to choose the right solution. We want something that will be cross platform and non-intrusive for the customer, not to mention easy to set up. Any opinions? Thanks in advance for your time! Tag: DCOM - Allowing Remote Anonymous Access Tag: 80660
  - 18
    - Download.Trojan Can't delete files I have the Download.Trojan on my computer and am unable to delete the files that are infected and detected by Noton scans. The six files that are infected have .dll extensions and are all in the Windows/System32 folder. Norton can't delete the files in safe mode so I follow their directions to restart and manually delete them, but I can't find the files to delete them. The files do not appear in the directory, and searches fail to find them. I've tried revealing hidden files but no luck with that either. I've exhausted all the help provided by Semantec with regard to removing this trojan. Quite frustrating. Any help would be appreciated. Tag: DCOM - Allowing Remote Anonymous Access Tag: 80653
  - 19
    - Local security policy please i have a network with workgroup not Domain i need to create new group on each PC and give this group restrict privilige or policy like unabe to uninstall program and like this... how ican do that in the my workgroup network? many thanks Tag: DCOM - Allowing Remote Anonymous Access Tag: 80651
  - 20
    - NetMeeting When launching NetMeeting, my sharing is grayed. Do you know why? Tag: DCOM - Allowing Remote Anonymous Access Tag: 80647
  - 21
    - Can't remove Nortel VPN eacfilt.sys Can you advise how to really get rid of these Nortel VPN back doors while still maintaining wireless connectivity to the Linkys home router? I thought I removed Nortel VPN software on my home machine (a network of 1) but when I installed a software firewall to bolster my Linksys wireless router, I keep getting requests to connect to the software that I thought I deleted. NDIS Filter Intermediate Driver (eacfilt.sys) has recieve a packet from the remote machine [192.168.0.1] Do you want to allow this protocol driver to access the network? NDIS Filter Intermediate Driver (eacfilt.sys) is trying to connect to [192.168.0.1] using remote port 53 (DOMAIN - Domain Name Server). Do you want to allow this program to access the network? NDIS User mode I/O Driver (ndisio.sys) has received a Multicast packet from the remote machine [192.168.0.1]. Do you want to allow this program to access the network? I tried saying "No" to these requests but then the wireless networking on the Windows XP SP2 machine doesn't work. I tried deleting these two files but again, wireless networking would not work afterward. C:\WINDOWS\system32\drivers\eacfilt.sys C:\WINDOWS\system32\eacfilt.dll I thought I deleted the Nortel Contivity VPN Client as I had never used it but apparently some vestige is laying around, for example. C:\Program Files\InstallShield Installation Information\{big number} Service = test I don't have another system to test whether these are "normal" messages but they seem like a weak link opening the machine to hackers. Can you advise how to really get rid of these Nortel VPN back doors while still maintaining wireless connectivity to the Linkys home router? Tag: DCOM - Allowing Remote Anonymous Access Tag: 80645
  - 22
    - Trying to use WLSC protection scan without success I downloaded the scanner and the proper WLSC window came up. But, when I click on one of the functions (scan, tune-up, etc.), the resulting pop-up window shows the scan start for about one second, then goes blank and the word "done" appears in the bottom status bar. I've used this scan a couple of times before on my pc when an error message got a reply from microsoft to say my pc was infected by either - win32/apropos.B or winNT/zufyx.A or spyware.apropos.C or Trojan.win32.crypt.t Now I'm not sure what to do, the last time I scanned the pc, the WLSC scan came up at the end that the pc was not infected but then it promptly crashed and I got another error message saying I have the above infecting my pc. I'm not a great pc techie person so I'd appreciate some help. Thanks. Tag: DCOM - Allowing Remote Anonymous Access Tag: 80644
  - 23
    - Repairing Windows Firewall Windows firewall has nevered worked on my computer but it was'nt much of a concern because I have it behind a router.. But last night, I changed routers and I had to expose the computer to the Internet without firewall protection.. so for future reference, can somebody tell me how to get it back running again.. Here's the setup: I go to the network settings, right click and click on change firewall settings. The message I get is windows firewall settings can't be displayed because the associated service is not running.. Do I want to start, blah blah blah.. And of course it sez, windows cannot start the windows firewall/internet connection sharing service.. Here is the log from the event viewer if this will help: Event Type: Error Event Source: Service Control Manager Event Category: None Event ID: 7023 Date: 1/22/2006 Time: 11:26:57 AM User: N/A Computer: MIKE Description: The Windows Firewall/Internet Connection Sharing (ICS) service terminated with the following error: An address incompatible with the requested protocol was used. For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp. Now clicking on help and support center links offer a little help, but changing regsitry settings, I'd rather have a MVP A-VOP authorize it. Last but not least, i have a second computer that is also XP PRO SERV PAK II plugged into the same router and it's firewall works fine..Last night I compared network settings between the two, and the one that the firewall doesn't work had netbios over tcp/ip in the properties of TCP/IP enabled, and I changed it back to default.. that did'nt help. Thanks gurus!! regards mike san diego Tag: DCOM - Allowing Remote Anonymous Access Tag: 80639
  - 24
    - Logon Type 2 during non business hours I am not an expert in Networking or Security, but think I have a reasonable understanding. Over a weekend when no one was at the office, the following events occured. Interesting enough, at the same time the alarm company received a low battery alarm. The alarm is monitored through phone lines. My question - is it possible that a power outage could cause the following Logons, or could access through a remote cause this. If so, I would assume that a hacker was on the computer. How can I check this? Event Log below. Thank you for any help you can offer. Plord Logon Process Name: CHAP" 1/14/06 4:13:12 PM Security Failure Audit Logon/Logoff 529 NT AUTHORITY\SYSTEM COLONY1 "Logon Failure: Reason: Unknown user name or bad password User Name: Colony Domain: COLONY1 Logon Type: 2 Logon Process: Advapi Authentication Package: Negotiate Workstation Name: COLONY1" 1/14/06 4:13:13 PM Security Success Audit System Event 515 NT AUTHORITY\SYSTEM COLONY1 "A trusted logon process has registered with the Local Security Authority. This logon process will be trusted to submit logon requests. Logon Process Name: LAN Manager Workstation Service" 1/14/06 4:13:14 PM Security Success Audit Policy Change 806 NT AUTHORITY\SYSTEM COLONY1 "Per User Audit Policy was refreshed. Number of elements: 0 Policy ID: (0x0,0xCBB9) " Logon Process Name: KSecDD" 1/14/06 4:13:16 PM Security Success Audit System Event 515 NT AUTHORITY\SYSTEM COLONY1 "A trusted logon process has registered with the Local Security Authority. This logon process will be trusted to submit logon requests. 1/14/06 4:13:16 PM Security Success Audit System Event 515 NT AUTHORITY\SYSTEM COLONY1 "A trusted logon process has registered with the Local Security Authority. This logon process will be trusted to submit logon requests. 1/14/06 4:13:22 PM Security Success Audit Logon/Logoff 528 NT AUTHORITY\LOCAL SERVICE COLONY1 "Successful Logon: User Name: LOCAL SERVICE Domain: NT AUTHORITY Logon ID: (0x0,0x3E5) Logon Type: 5 Logon Process: Advapi Authentication Package: Negotiate Workstation Name: Logon GUID: {00000000-0000-0000-0000-000000000000}" 1/14/06 4:13:22 PM Security Success Audit Privilege Use 576 NT AUTHORITY\LOCAL SERVICE COLONY1 "Special privileges assigned to new logon: User Name: LOCAL SERVICE Domain: NT AUTHORITY Logon ID: (0x0,0x3E5) Privileges: SeAuditPrivilege SeAssignPrimaryTokenPrivilege SeChangeNotifyPrivilege" Tag: DCOM - Allowing Remote Anonymous Access Tag: 80634
  - 25
    - problem with windows picture and fax viewer Hello, I recently had a spyware infection and had help cleaning my pc from a well known ASAP forum. During the cleanup of my pc some files, cookies and processes were removed! Unfortunately now, while my computer is clean and works much faster, i am having problems opening pictures with windows picture and fax viewer. I double click on pictures in My Pictures folder and nothing happens and the thumbnails have been replaced with generic jpeg icons. Let me also say that i recently removed adobe photo album starter edition 3 and i wish to use windows picture and fax viewer as my default application for opening all photos! How can i do this? I still have backups of hijackthis but i dont know which process to reapply if any and if this is the problem. Is it better to run the windows error checking utility or perhaps try a windows repair from the cd? Many thanks, Nick Magos Tag: DCOM - Allowing Remote Anonymous Access Tag: 80631

Can anyone tell me or does anyone know where I can find information regarding
the risk associated with changing the following DCOM policy: Machine Access
Restrictions in Security Descriptor Definition Language (SDDL) Syntax - to
allow remote anonymous access?

Does this change the RPC security setting on the XP system also?

Top