|
Posted by Al Dunbar on July 18, 2007, 11:52 pm
Please log in for more thread options Good reference, and I agree. Think of all the times we have complained about
third party applications whose installation instructions mention that the
users need to be local admins! All they have to do is re-code their
applications with security in mind. But it is hard to complain about such
practices when we are loathe to fix our own code ;-)
IMHO, as we migrated from NT through 2K to 2K3, we experienced improvements
in security. When going from a lax approach to a more rigorous one, it seems
likely that things will appear to break. This is often simply because they
rely on assumptions that are no longer correct.
/Al
> You probably are not going to like this, but the best thing you
> could, and should, do is to rewrite the app to use UNC access.
> http://support.microsoft.com/kb/180362/EN-US/
>
>>I am working on a W2K3 server and I have an older application that
>> requires a network drive mapping. I have created a Domain Admin
>> account and set the service to run as this account. The application,
>> then tries to access the "L:\" drive but is unable to access it. The
>> funny thing is that if I use the UNC path, it works just fine.
>>
>> Unfortunately, I can not use the UNC path without recoding this
>> application which I really dont want to do.
>>
>> Also, if I run the application using the LocalService Account logged
>> into the server as the Domain Admin account, and start the application
>> (by Start->Run->Programs, etc...) the application can see the L:\
>> drive and the UNC. Obviously, I cant run this application like this
>> (what happens if the user account logs off the server?)
>>
>>
>> I should also mention, all of these options worked in 2000 but not
>> 2003.
>>
>> Where can I adjust the security to allow a domain account to access a
>> mapped drive as a service?
>>
>
>
| 
XML Sitemap