How to prevent other people from changing the time in my windows server?
Of course, I can use security policy as following.
Control Panel -> Administrative Tools -> Local Security Policy -> Security
Settings -> Local Policies -> User Rights Assignment -> Change the System
Time
Add or remove users as desired.
But, I wanna develop a program which can lock down the windows clock and
prevent the time being changed.
Thanks to all who respond.
Regards.
Uhhhh isn’t your question redundant? You just answered it. Your program
should just make the same policy / privilege adjustments. Only
administrators can change that policy, and if you’re an administrator, you
can do anything to the machine, so it’s game over.
– arlie
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of tocsjung
Sent: Sunday, February 19, 2006 11:24 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] Prevent changing time.
How to prevent other people from changing the time in my windows server?
Of course, I can use security policy as following.
Control Panel -> Administrative Tools -> Local Security Policy -> Security
Settings -> Local Policies -> User Rights Assignment -> Change the System
Time Add or remove users as desired.
But, I wanna develop a program which can lock down the windows clock and
prevent the time being changed.
Thanks to all who respond.
Regards.
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@stonestreetone.com To
unsubscribe send a blank email to xxxxx@lists.osr.com
Only administrators can change time, and you cannot prevent the
administrator from doing this.
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com
----- Original Message -----
From: “tocsjung”
Newsgroups: ntdev
To: “Windows System Software Devs Interest List”
Sent: Monday, February 20, 2006 7:24 AM
Subject: [ntdev] Prevent changing time.
> How to prevent other people from changing the time in my windows server?
>
> Of course, I can use security policy as following.
>
> Control Panel -> Administrative Tools -> Local Security Policy -> Security
> Settings -> Local Policies -> User Rights Assignment -> Change the System
> Time
> Add or remove users as desired.
>
> But, I wanna develop a program which can lock down the windows clock and
> prevent the time being changed.
>
> Thanks to all who respond.
>
> Regards.
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
As has already been stated you cannot stop people from changing time. You
can make a driver that lets you know time has changed. Look at the
ExCreateCallback function to get you started on the driver.
–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply
“tocsjung” wrote in message news:xxxxx@ntdev…
> How to prevent other people from changing the time in my windows server?
>
> Of course, I can use security policy as following.
>
> Control Panel -> Administrative Tools -> Local Security Policy -> Security
> Settings -> Local Policies -> User Rights Assignment -> Change the System
> Time
> Add or remove users as desired.
>
> But, I wanna develop a program which can lock down the windows clock and
> prevent the time being changed.
>
> Thanks to all who respond.
>
> Regards.
>
>
>
That’s pretty handy - the driver knowing the time has been changed.
Thanks for sharing that!
So, couldn’t your driver trap on when the time was changed and either
reset the PC’s clock based on the US’s atomic clock website? Or what if
your driver polls the time every minute and then if it sees the time
changed, it updates the clock based on the last time sample?
Steve Spano
President, Finger Lakes Engineering
(V) 607-277-1614 x223
(F) 800-835-7164
(C) 607-342-1150
xxxxx@flconsult.com
www.fl-eng.com
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn
Sent: Tuesday, February 21, 2006 7:32 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] Prevent changing time.
As has already been stated you cannot stop people from changing time.
You
can make a driver that lets you know time has changed. Look at the
ExCreateCallback function to get you started on the driver.
–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply
“tocsjung” wrote in message news:xxxxx@ntdev…
> How to prevent other people from changing the time in my windows
server?
>
> Of course, I can use security policy as following.
>
> Control Panel -> Administrative Tools -> Local Security Policy ->
Security
> Settings -> Local Policies -> User Rights Assignment -> Change the
System
> Time
> Add or remove users as desired.
>
> But, I wanna develop a program which can lock down the windows clock
and
> prevent the time being changed.
>
> Thanks to all who respond.
>
> Regards.
>
>
>
—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: xxxxx@flconsult.com
To unsubscribe send a blank email to xxxxx@lists.osr.com
Hi,
Are you trying to prevent this change to protect against “malicious”
changes, or simply so that all your machines can have the same time? If
it’s the latter, then setting the policy and telling your users a
message (“Please don’t change the time”) should be enough. I don’t see
why a user would start messing around with the computer, disable the
policy, and change the time, unless he has malicious intent.
Which gets me to my second point. If you’re trying to block malicious
users, then there’s nothing you can do, since you seem to be letting
them run in administrator mode (since they can change the policy/time).
Even if you were to write a driver to reset the time on an “unauthorized
change” (which would already be an ugly hack), nothing stops your
malicious user from unloading your driver, or getting around it using a
myriad of methods available to an admin.
So again, if this is casual blocking – inform your users and set the
policy. If this is anti-malicious blocking – don’t allow rogue users to
have administrator access to the machine.
Best regards,
Alex Ionescu
Steve Spano wrote:
That’s pretty handy - the driver knowing the time has been changed.
Thanks for sharing that!So, couldn’t your driver trap on when the time was changed and either
reset the PC’s clock based on the US’s atomic clock website? Or what if
your driver polls the time every minute and then if it sees the time
changed, it updates the clock based on the last time sample?Steve Spano
President, Finger Lakes Engineering
(V) 607-277-1614 x223
(F) 800-835-7164
(C) 607-342-1150
xxxxx@flconsult.com
www.fl-eng.com-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn
Sent: Tuesday, February 21, 2006 7:32 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] Prevent changing time.As has already been stated you cannot stop people from changing time.
You
can make a driver that lets you know time has changed. Look at the
ExCreateCallback function to get you started on the driver.