Hi all,
I’m trying to move most of my network adapter installation code
out of the .inf script and into a corresponding .exe.
I’m trying to figure out what the “Security” key is that gets
installed by the standard oemsetup in:
HKLM\SYSTEM\CurrentControlSet\Services<mydriver>\Security
What is this, how is it used and how can I set this
value programmatically?
Thanks,
Pete
It is created when your service use a particular account to work with (i.e,
it does not use local system).
It seems that name and password are stored here encrypted.
Service Control Manager uses this information to login with that account
before launching your service.
Inaki.
-----Original Message-----
From: Peter Craft
Sent: mi?rcoles 5 de abril de 2000 1:16
To: NT Developers Interest List
Subject: [ntdev] What is “Security” key under “Services” entries?Hi all,
I’m trying to move most of my network adapter installation code
out of the .inf script and into a corresponding .exe.I’m trying to figure out what the “Security” key is that gets
installed by the standard oemsetup in:
HKLM\SYSTEM\CurrentControlSet\Services<mydriver>\Security
>
> What is this, how is it used and how can I set this
> value programmatically?
>
> Thanks,
>
> Pete
>
Inaki,
I don’t think you can be right about this. The “Security” key is also
created for services that use the local system account; what would it
contain in this case?
Simon.
=
=20
I=F1aki Castillo =
=20
Interest List" =20
ware.es> cc: =
=20
Sent by: Subject: [ntdev] RE=
: What is “Security” key under “Services” =20
xxxxx@lis entries? =
=20
ts.osr.com =
=20
=
=20
=
=20
05/04/00 09:52 =
=20
Please respond to =
=20
“NT Developers =
=20
Interest List” =
=20
=
=20
=
=20
It is created when your service use a particular account to work with (=
i.e,
it does not use local system).
It seems that name and password are stored here encrypted.
Service Control Manager uses this information to login with that accoun=
t
before launching your service.
Inaki.
> -----Original Message-----
> From: Peter Craft
> Sent: mi=E9rcoles 5 de abril de 2000 1:16
> To: NT Developers Interest List
> Subject: [ntdev] What is “Security” key under “Services” entries?=
>
>
> Hi all,
>
> I’m trying to move most of my network adapter installation code
> out of the .inf script and into a corresponding .exe.
>
> I’m trying to figure out what the “Security” key is that gets
> installed by the standard oemsetup in:
> HKLM\SYSTEM\CurrentControlSet\Services<mydriver>\Security
>
> What is this, how is it used and how can I set this
> value programmatically?
>
> Thanks,
>
> Pete
>
—
You are currently subscribed to ntdev as: xxxxx@normanuk.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
=
Hello Simon,
It contains the ACL for the service :- which accounts are allowed to
start/stop/pause/etc it.
The username & password for a named account are stored somewhere else.
Jonathan Edwards
NT Team
Network Associates Inc.
-----Original Message-----
From: Simon Bonner [mailto:xxxxx@normanuk.com]
Sent: Wednesday, April 05, 2000 02:22
To: NT Developers Interest List
Subject: [ntdev] RE: What is “Security” key under “Services” entries?
Inaki,
I don’t think you can be right about this. The “Security” key is also
created for services that use the local system account; what would it
contain in this case?
Simon.
I?aki Castillo
Interest List"
ware.es> cc:
Sent by: Subject: [ntdev] RE:
What is “Security” key under “Services”
xxxxx@lis entries?
ts.osr.com
05/04/00 09:52
Please respond to
“NT Developers
Interest List”
It is created when your service use a particular account to work with (i.e,
it does not use local system).
It seems that name and password are stored here encrypted.
Service Control Manager uses this information to login with that account
before launching your service.
Inaki.
> -----Original Message-----
> From: Peter Craft
> Sent: mi?rcoles 5 de abril de 2000 1:16
> To: NT Developers Interest List
> Subject: [ntdev] What is “Security” key under “Services” entries?
>
>
> Hi all,
>
> I’m trying to move most of my network adapter installation code
> out of the .inf script and into a corresponding .exe.
>
> I’m trying to figure out what the “Security” key is that gets
> installed by the standard oemsetup in:
> HKLM\SYSTEM\CurrentControlSet\Services<mydriver>\Security
>
> What is this, how is it used and how can I set this
> value programmatically?
>
> Thanks,
>
> Pete
>
—
You are currently subscribed to ntdev as: xxxxx@normanuk.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
—
You are currently subscribed to ntdev as: xxxxx@NAI.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
Hello Jon,
Thanks for that - I never had managed to work out what was in there.
Presumably then, if you loaded the contents of the “Security” value int=
o
memory and cast it to an ACL you could walk the list and enumerate the
ACEs? Could be useful.
Simon.
=
=20
“Edwards, Jonathan” =
=20
<jonathan_edwards to: developers=“<br”>Interest List" =20
I.com> cc: =
=20
Sent by: Subject: [ntdev] RE=
: What is “Security” key under “Services” =20
xxxxx@lis entries? =
=20
ts.osr.com =
=20
=
=20
=
=20
05/04/00 16:22 =
=20
Please respond to =
=20
“NT Developers =
=20
Interest List” =
=20
=
=20
=
=20
Hello Simon,
It contains the ACL for the service :- which accounts are allowed to
start/stop/pause/etc it.
The username & password for a named account are stored somewhere else.
—
Jonathan Edwards
NT Team
Network Associates Inc.
-----Original Message-----
From: Simon Bonner [mailto:xxxxx@normanuk.com]
Sent: Wednesday, April 05, 2000 02:22
To: NT Developers Interest List
Subject: [ntdev] RE: What is “Security” key under “Services” entries?
Inaki,
I don’t think you can be right about this. The “Security” key is also
created for services that use the local system account; what would it
contain in this case?
Simon.
I=F1aki Castillo
Interest List"
ware.es> cc:
Sent by: Subject: [ntdev] RE=
:
What is “Security” key under “Services”
xxxxx@lis entries?
ts.osr.com
05/04/00 09:52
Please respond to
“NT Developers
Interest List”
It is created when your service use a particular account to work with (=
i.e,
it does not use local system).
It seems that name and password are stored here encrypted.
Service Control Manager uses this information to login with that accoun=
t
before launching your service.
Inaki.
> -----Original Message-----
> From: Peter Craft
> Sent: mi=E9rcoles 5 de abril de 2000 1:16
> To: NT Developers Interest List
> Subject: [ntdev] What is “Security” key under “Services” entries?=
>
>
> Hi all,
>
> I’m trying to move most of my network adapter installation code
> out of the .inf script and into a corresponding .exe.
>
> I’m trying to figure out what the “Security” key is that gets
> installed by the standard oemsetup in:
> HKLM\SYSTEM\CurrentControlSet\Services<mydriver>\Security
>
> What is this, how is it used and how can I set this
> value programmatically?
>
> Thanks,
>
> Pete
>
—
You are currently subscribed to ntdev as: xxxxx@normanuk.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
—
You are currently subscribed to ntdev as: xxxxx@NAI.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
—
You are currently subscribed to ntdev as: xxxxx@normanuk.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
=</jonathan_edwards>
Yes. It’s a security descriptor probably, not a raw ACL.
See QueryServiceObjectSecurity()
Jon
-----Original Message-----
From: Simon Bonner [mailto:xxxxx@normanuk.com]
Sent: Wednesday, April 05, 2000 09:06
To: NT Developers Interest List
Subject: [ntdev] RE: What is “Security” key under “Services” entries?
Hello Jon,
Thanks for that - I never had managed to work out what was in there.
Presumably then, if you loaded the contents of the “Security” value into
memory and cast it to an ACL you could walk the list and enumerate the
ACEs? Could be useful.
Simon.
“Edwards, Jonathan”
<jonathan_edwards to: developers>Interest List"
I.com> cc:
Sent by: Subject: [ntdev] RE:
What is “Security” key under “Services”
xxxxx@lis entries?
ts.osr.com
05/04/00 16:22
Please respond to
“NT Developers
Interest List”
Hello Simon,
It contains the ACL for the service :- which accounts are allowed to
start/stop/pause/etc it.
The username & password for a named account are stored somewhere else.
—
Jonathan Edwards
NT Team
Network Associates Inc.
-----Original Message-----
From: Simon Bonner [mailto:xxxxx@normanuk.com]
Sent: Wednesday, April 05, 2000 02:22
To: NT Developers Interest List
Subject: [ntdev] RE: What is “Security” key under “Services” entries?
Inaki,
I don’t think you can be right about this. The “Security” key is also
created for services that use the local system account; what would it
contain in this case?
Simon.
I?aki Castillo
Interest List"
ware.es> cc:
Sent by: Subject: [ntdev] RE:
What is “Security” key under “Services”
xxxxx@lis entries?
ts.osr.com
05/04/00 09:52
Please respond to
“NT Developers
Interest List”
It is created when your service use a particular account to work with (i.e,
it does not use local system).
It seems that name and password are stored here encrypted.
Service Control Manager uses this information to login with that account
before launching your service.
Inaki.
> -----Original Message-----
> From: Peter Craft
> Sent: mi?rcoles 5 de abril de 2000 1:16
> To: NT Developers Interest List
> Subject: [ntdev] What is “Security” key under “Services” entries?
>
>
> Hi all,
>
> I’m trying to move most of my network adapter installation code
> out of the .inf script and into a corresponding .exe.
>
> I’m trying to figure out what the “Security” key is that gets
> installed by the standard oemsetup in:
> HKLM\SYSTEM\CurrentControlSet\Services<mydriver>\Security
>
> What is this, how is it used and how can I set this
> value programmatically?
>
> Thanks,
>
> Pete
>
—
You are currently subscribed to ntdev as: xxxxx@normanuk.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
—
You are currently subscribed to ntdev as: xxxxx@NAI.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
—
You are currently subscribed to ntdev as: xxxxx@normanuk.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)
—
You are currently subscribed to ntdev as: xxxxx@NAI.com
To unsubscribe send a blank email to $subst(‘Email.Unsub’)</jonathan_edwards>
>It seems that name and password are stored here encrypted.
Service Control Manager uses this information to login with that account
before launching your service.
Only the username is stored in \Security.
The password is stored as an object called “LSA secret” under
HKLM\Security.
Max