What would cause them to desire the removal of that functionality?
*ASB *(My XeeSM Profile) <http://XeeSM.com/AndrewBaker> *Exploiting Technology for Business Advantage...* * * Signature powered by WiseStamp <http://www.wisestamp.com/email-install> On Wed, Aug 4, 2010 at 7:05 PM, Ben Scott <[email protected]> wrote: > Since I just lost three days of my working career to this, I thought > I'd share, for the benefit of the archives and web searches. > > If you are being required to implement DSS ODAA "Standardization of > Baseline Technical Security Configurations", under "User Rights > Assignment", for the "Impersonate a client after authentication" > (ยง4.6, page 46), do not remove the "SERVICE" Special Identity like > they want you to. If you do, all sorts of stuff will stop working. > At least, they did on our Win XP box. > > Symptoms include: > > Symantec Endpoint Protection anti-virus will no longer start any > manual scan. Error message "Scan failed: scan failed to start", or > just no response at all. > > Anything which uses Windows Installer will fail to install/uninstall. > In Event Viewer, Warning 1015 from Msilnstaller: "Failed to connect to > server. Error: 0x80070005". > > In Event Viewer, Error 4609 from EventSystem: "The COM+ Event System > detected a bad return code during its internal processing. HRESULT > was 80070005 from line 44 of > d:\qxp_slp\com\comlx\src\events\tier1\eventsystemobj.cpp". > > In Event Viewer, Error 8193 from VSS: "Volume Shadow Copy Service > error: Unexpected error calling routine CoCreatelnstance. hr = > 0x80040206." > > Hope this helps somebody. > > -- Ben > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
