|
Posted by krdj on October 27, 2006, 8:34 am
Please log in for more thread options
Hi,
When sp1 is applied to a server, all of the services that are added
after that change have different security than if they were added
before. Specifically, my developers can't remotely view the services
which causes problems for several of our applications. I have applied
the fix found at http://support.microsoft.com/kb/907460/ and this works
for any service that was installed before sp1 was applied. But, the
services we add after sp1 aren't visible remotely unless you are an
admin. I checked the sddl (using sc sdshow myservicename) for the
individual services and the ones that were on the box before sp1 have
this for authenticated users: (A;;CCLCSWLOCRRC;;;AU). The ones we add
after sp1 only have this: (A;;CR;;;AU) which doesn't allow them to
see that service. I know I can do a sc sdset myservicename on each
service to get the security we need, but we have several hundred
services and new ones coming everyday. So I was hoping one of you out
there might know a way to set the default security that every new
service receives. That way I could set it once per box and have the
new services get the needed security when they are added.
Thanks in advance for any suggestions you have.
Ken
| 
XML Sitemap