Mallesons Stephen Jaques www.mallesons.com Confidential communication MS have finally fixed this for me.............. 1) Open Registry Editor using Regedit.exe 2) Locate the key: "HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager" 3) On the "Edit" menu, point to "New", and then click "DWORD Value". Type "ObjectSecurityMode" (without the quotation marks). 4) Double-click "ObjectSecurityMode" and verify the "Value data" is "0" (zero). 5) Restart the server The hotfix responsible for this behavior is the one describe in the security bulletin MS03-045 (Q824141) John Rowlandson Technical Support Specialist Mallesons Stephen Jaques Sydney T +61 2 9296 3653 F +61 2 9296 3999 john.rowlandson@xxxxxxxxxxxxx -----Original Message----- From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx]On Behalf Of Rowlandson, John Sent: Thursday, 23 October 2003 6:44 PM To: thin@xxxxxxxxxxxxx Subject: [THIN] october critical updates break "run as" MMC.exe for non server admins Mallesons Stephen Jaques www.mallesons.com Confidential communication FYI found out today that on a ts server in application mode, my helpdesk staff cannot "RUNAS" MMC.exe as they are not server admins works fine from the console of the server, just not in a ICA or RDP session since we loaded all the october MS critical updates on the weekend. basically the staff logon to the server as their normal gumby accounts and then "runas" MMC.exe with their admin accts to use AD users and computers snapin (neither accts have admin rights to the server) escalated to MSoft today anyone else seen this? John Rowlandson Technical Support Specialist Mallesons Stephen Jaques Sydney T +61 2 9296 3653 F +61 2 9296 3999 john.rowlandson@xxxxxxxxxxxxx :