Dieser Eintrag in der Registry steuert die Anmeldung an NT Maschinen die in einer Workgroup stehen. Je nach Einstellung ist es z.B. nicht möglich sich zur WMI Schnittstelle einer Windows XP Maschine zu verbinden.
Zitat von Torgier Bakken:
Also, it could be a ForceGuest issue (set by a registry value). It means that all the connection coming from "the network" will be authenticated as the Guest User. For WinXP, the ForceGuest setting is enabled by default when in workgroup mode (not domain) and gives access problems for WMI connections and shares access, other DCOM services and RPC services as well. Note that for WinXP Home you cannot disable the ForceGuest behavior (only in WinXP Pro). So, on your computer running WinXP Pro, you could try this: You can change this registry value without using regedit.exe through these steps
1. Open the Local Security Policy console in the Administrative Tools folder.
2. Browse down to: Security Settings\Local Policies\Security Options.
3. Double-click on the Network Access: Sharing And Security Model For Local Accounts.
4. Change the settings from Guest Only to Classic. This feature is, by default, set to Classic when Windows XP Professional is joined to a domain.
Using regedit.exe is also possible:
HOWTO: Validate User Credentials on Microsoft Operating Systems http://support.microsoft.com/default.aspx?scid=KB;EN-US;180548
On Windows XP, the ForceGuest registry value is set to 1 by default in the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
On a Windows XP computer that is a member of a workgroup:
If ForceGuest is enabled (set to 1), SSPI will always try to log on using the Guest account.
If the Guest account is enabled, an SSPI logon will succeed as Guest for any user credentials.
If the Guest account is disabled, an SSPI logon will fail even for valid credentials.
If ForceGuest is disabled (set to 0), SSPI will log on as the specified user.
More about ForceGuest here as well:
How to Set Security in Windows XP Professional That Is Installed in a Workgroup http://support.microsoft.com/default.aspx?scid=kb;en-us;290403
SMTP Authentication Configuration on Windows XP Professional Edition http://support.microsoft.com/default.aspx?scid=kb;en-us;304707
-- torgeir Microsoft MVP Scripting and WMI, Porsgrunn Norway Administration scripting examples and an ONLINE version of the 1328 page Scripting Guide: http://www.microsoft.com/technet/scriptcenter
Es gibt eine Reihe von zusätzlichen Informationen:
http://www.microsoft.com/resources/documentation/Windows/XP/all/reskit/en-us/prde_ffs_ypuh.asp
http://www.microsoft.com/technet/security/advisory/906574.mspx
http://forum.ultravnc.net/viewtopic.php?t=2555
Mittwoch, September 07, 2005
Dienstag, September 06, 2005
Perfmon Bug
Ein Performance Log unter Windows Server 2003 erzeugt mit dem Tool Logman.exe (24h Laufzeit mit automatischem Neustart) hat zwei Eigenheiten:
- 1 min vor Ablauf der Logzeit wird ein zweites Log erstellt welches eine scheinbar zufällige Größe bis zu ein paar MB hat aber keine sinnvollen Daten erhält.
- Am zweiten Tag wird kein Logfile mehr geschrieben und der Dienst smlogsvc erzeugt 100% CPU Last.
Abonnieren
Posts (Atom)