[THIN] Re: october critical updates MS-045 breaks"run as" MMC.exe for non server admins

  • From: "Rowlandson, John" <John.Rowlandson@xxxxxxxxxxxxx>
  • To: <thin@xxxxxxxxxxxxx>
  • Date: Fri, 5 Dec 2003 14:50:02 +1100

Mallesons Stephen Jaques
www.mallesons.com

Confidential communication

 
 
 
MS have finally fixed this for me..............
 
1)      Open Registry Editor using Regedit.exe 

2)      Locate the key: 
"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager" 

3)      On the "Edit" menu, point to "New", and then click "DWORD Value". Type  
"ObjectSecurityMode" (without the quotation marks).

4)      Double-click "ObjectSecurityMode" and verify the "Value data" is "0" 
(zero). 

5)      Restart the server 


The hotfix responsible for this behavior is the one describe in the security 
bulletin MS03-045 (Q824141)


 

John Rowlandson
Technical Support Specialist
Mallesons Stephen Jaques
Sydney
T +61 2 9296 3653
F +61 2 9296 3999
john.rowlandson@xxxxxxxxxxxxx


-----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx]On Behalf Of 
Rowlandson, John
Sent: Thursday, 23 October 2003 6:44 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] october critical updates break "run as" MMC.exe for non server 
admins



Mallesons Stephen Jaques
www.mallesons.com

Confidential communication


FYI
 
found out today that on a ts server in application mode, my helpdesk staff 
cannot "RUNAS" MMC.exe as they are not server admins
 
works fine from the console of the server, just not in a ICA or RDP session 
since we loaded all the october MS critical updates on the weekend.
 
basically the staff logon to the server as their normal gumby accounts and then 
"runas" MMC.exe with their admin accts to use AD users and computers snapin 
(neither accts have admin rights to the server)
 
escalated to MSoft today
 
anyone else seen this?
 

John Rowlandson
Technical Support Specialist
Mallesons Stephen Jaques
Sydney
T +61 2 9296 3653
F +61 2 9296 3999
john.rowlandson@xxxxxxxxxxxxx


:

Other related posts:

  • » [THIN] Re: october critical updates MS-045 breaks"run as" MMC.exe for non server admins
  1. Home
  2. thin
  3. Archive
  4. 12-2003