"Did".... -sc
-----Original Message----- From: Steven M. Caesare [mailto:[email protected]] Sent: Monday, June 22, 2009 6:25 PM To: NT System Admin Issues Subject: RE: I should know this, but I don't.... I tend to agree with you in that when the NetworkService was introduced, that's the distinction I recall as well. However, I just had one of my guys add the machine account to the file perms of a shared dir last week, and the problem fixed right up... and the process is running as local (some icky Oracle stuff). Go figure. Altho now I'm tempted to have my guy confirm for me it really was a LocalService acct, and *NOT* NetworkService... -sc PS - Di you just change your nick? ;-) -----Original Message----- From: Ben Scott [mailto:[email protected]] Sent: Monday, June 22, 2009 4:43 PM To: NT System Admin Issues Subject: Re: I should know this, but I don't.... On Mon, Jun 22, 2009 at 4:37 PM, Steven M. Caesare <[email protected]> wrote: > Hmmm... we have remedied issues wherein processes running in the context > of LocalService need to dump files on to the network, and adding the > machine account to the share perms solved it. Hmmm. I admit I've never *tested* the LocalService account to ensure it works the way Microsoft says it does. And they don't exactly have a stellar track record when it comes to security design. Hmmm. :-/ But anyway, MSFT claims: "It has minimum privileges on the local computer and presents anonymous credentials on the network." http://msdn.microsoft.com/en-us/library/ms684188(VS.85).aspx -- Ven ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
