Like files and folders, services are access-controlled objects, and
every access-controlled object has a security descriptor.
Part of a
service's security descriptor is the system ACL (SACL), which you can
use to track access to that object.
The only way to view or change a
service's current SACL is through security templates.
To
reach the security templates, log on to the server and open the
Microsoft Management Console (MMC) Security Templates snap-in.
To create
a new template, right-click on the security templates path.
Select New
Template, click System Services, then double-click the appropriate
service (i.e., Telnet). Select the Define this policy setting in the template check box, then click Edit Security to open the Security for Telnet dialog box.
This dialog box contains the service's ACL, which you can use to
fine-tune who has start and stop authority.
Click Advanced, then select the Auditing tab in the Access Control Settings for Telnet dialog box.
As you can see, no auditing is currently enabled on the Telnet
service because auditing isn't enabled by default.
Click Add, then add
an entry to track successful start and stop events that members of
Everyone initiate.
Close all the dialog boxes, then save the template.
Import the
template into the MMC Security Configuration and Analysis snap-in, then
apply the template.
Now, you can check the Security log for event ID 560
(success audit: object open), where Object Type is SERVICE OBJECT, the
Object Name is the short name of the service you're monitoring (in the
case of the Telnet Service, TlntSvr), and the logged accesses include Start the service and Stop the service.
Source:
http://windowsitpro.com/systems-management/access-denied-auditing-users-who-might-be-starting-and-stopping-services
Showing posts with label Vista. Show all posts
Showing posts with label Vista. Show all posts
Friday, May 30, 2014
TCP retransmission
You can increase this value with registry key TcpMaxDataRetransmissions
“This entry appears as MSS:
(TcpMaxDataRetransmissions) How many times unacknowledged data is retransmitted
(3 recommended, 5 is default) in
the Local Group Policy Editor. This entry sets the maximum number of
retransmissions of a TCP segment containing data before the connection is
abandoned. The retransmission timeout is doubled with each successive
retransmission on a connection. It is reset when responses resume. The base
timeout value is dynamically determined by the measured round-trip time on the
connection.”
You need to
add this registry key
You can check
more details in Microsoft online documentation:
Monday, February 16, 2009
Send Ctrl-Alt-Del in Remote Desktop
Saturday, July 19, 2008
Scroll wheel doesn't work on Excel 2007
Scroll wheel doesn't work on Excel 2007
solution:
Uninstall mouse and reinstall it.
Update office 2007 and Windows.
Reboot Computer
On control panel, double click on mouse.
after update you should have two wheel tabs.
in one of them you have the option "enable universal scrolling"
click exceptions.
click add and browse.
look for excel path.
example:
"c:\program files\microsoft office\office12\excel.exe"
click ok three times.
test it. it should be ok now.
solution:
Uninstall mouse and reinstall it.
Update office 2007 and Windows.
Reboot Computer
On control panel, double click on mouse.
after update you should have two wheel tabs.
in one of them you have the option "enable universal scrolling"
click exceptions.
click add and browse.
look for excel path.
example:
"c:\program files\microsoft office\office12\excel.exe"
click ok three times.
test it. it should be ok now.
Tuesday, June 17, 2008
Change Windows Vista Boot Screen
All you need is two images at 800×600 and 1024×768 saved as 24-bit windows bitmaps. Then follow these steps:
- Download Dan Smith’s Vista Boot Logo Generator.
- Install and run from the link in the Start Menu.
- Hit Browse for image and select both the 800×600 and 1024×768 resolution bitmap files for your boot screen.
- Click on File and select Save Boot Screen File as and save your file.
- Next, you will need to replace the winload.exe.mui file in c:\Windows\System32\en-us with the one you just created. Before you copy in your new file, make a backup of the original. You will need to take ownership of all files in en-us as well as give your account file permissions to replace the file as well in order to copy the new winload.exe.mui file in.
- Click on the start orb and type in “MSCONFIG” in the textbox.
- Once the System Configuration tool loads, click on the Boot tab.
- Under Boot Options check “No GUI Boot”.
- Hit OK and reboot to see the new screen.
After go through the step, You can view your new windows vista boot scree. If you facing some booting problems with Windows vista, You can use the windows vista install CD boot up to replace the winload.exe.mui file with your backup.
Add Logo And Support Information to Vista
In Windows Vista, adding support information and a company logo is not as simple as it was in Windows XP, and it requires some Registry editing.
You will also need a small logo of the company or other entity you want to display.
Please follow these instructions:
The Logo
You will need to create a small logo of your choice by using any graphics editing tools.
Make sure that the logo file is called OEMLOGO.BMP, and, guess what, save it in .BMP format.
Also, the logo file should not be bigger than 120X120 pixels in size.
You can place the file in any directory of your choice, but I suggest you put it in the
%systemroot%\system32 folder of your computer (for example - C:\Windows\System32).
Note this path, you'll need it later.
The Registry
The next phase is to edit the local Registry and add the support information.
1. In the Start Menu type “Regedit” and press Enter.
Note: As always, be very careful while the editing the Registry.
A small mistake can cause huge damage that will prevent you from booting the computer.
If you don’t know what the Registry is, how to edit it and how to back it up, please consult with a
skilled IT professional.
2. Navigate to the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation
3. If the OEMInformation key does not exist you will need to create it.
Right Click the CurrentVersion key and from the drop down menu click New > Key.
In the Key dialogue box type OEMInformation and then press Enter.
4. Next, create the following keys and modify them to hold the following values:
Key name: Logo
Key type: String Value
Key value: The path to your logo file, for example: C:\Windows\System32
Key name: Manufacturer
Key type: String Value
Key value: Your name, or the manufacturer's name, for example: XPto
Key name: SupportHours
Key type: String Value
Key value: Your support hours, for example: Sun – Thu 9am – 5pm
Key name: SupportPhone
Key type: String Value
Key value: Your support phone number, for example: 972-3-9876543
Key name: SupportURL
Key type: String Value
Key value: Your support URL, for example: http://www.errorsolutions.blogspot.com
Close Regedit.
Note: You can export your settings and make the addition of such settings for more computers by importing the information and OEMLOGO.BMP file to them. In order to export the information, click on the OEMInformation key. Next, go to File > Export, and give the file a name (such as settings.reg). You can then edit the file with Notepad and distribute it to other computers (don't forget the .BMP file).
I added my example of the file for your reference, just copy, paste into a .REG file, and edit it to reflect your own information:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation]
"Logo"="C:\\Windows\\System32\\oemlogo.bmp"
"Manufacturer"="Daniel Petri"
"SupportHours"="Sun-Thu 9am-5pm"
"SupportPhone"="972-50-9876543"
"SupportURL"=http://www.errorsolutions.blogspot.com"
After editing the Registry and pasting the OEMLOGO.BMP file in the right path, go to the My Computer > Properties screen, or press the windows key + Break key.
Done!
You will also need a small logo of the company or other entity you want to display.
Please follow these instructions:
The Logo
You will need to create a small logo of your choice by using any graphics editing tools.
Make sure that the logo file is called OEMLOGO.BMP, and, guess what, save it in .BMP format.
Also, the logo file should not be bigger than 120X120 pixels in size.
You can place the file in any directory of your choice, but I suggest you put it in the
%systemroot%\system32 folder of your computer (for example - C:\Windows\System32).
Note this path, you'll need it later.
The Registry
The next phase is to edit the local Registry and add the support information.
1. In the Start Menu type “Regedit” and press Enter.
Note: As always, be very careful while the editing the Registry.
A small mistake can cause huge damage that will prevent you from booting the computer.
If you don’t know what the Registry is, how to edit it and how to back it up, please consult with a
skilled IT professional.
2. Navigate to the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation
3. If the OEMInformation key does not exist you will need to create it.
Right Click the CurrentVersion key and from the drop down menu click New > Key.
In the Key dialogue box type OEMInformation and then press Enter.
4. Next, create the following keys and modify them to hold the following values:
Key name: Logo
Key type: String Value
Key value: The path to your logo file, for example: C:\Windows\System32
Key name: Manufacturer
Key type: String Value
Key value: Your name, or the manufacturer's name, for example: XPto
Key name: SupportHours
Key type: String Value
Key value: Your support hours, for example: Sun – Thu 9am – 5pm
Key name: SupportPhone
Key type: String Value
Key value: Your support phone number, for example: 972-3-9876543
Key name: SupportURL
Key type: String Value
Key value: Your support URL, for example: http://www.errorsolutions.blogspot.com
Close Regedit.
Note: You can export your settings and make the addition of such settings for more computers by importing the information and OEMLOGO.BMP file to them. In order to export the information, click on the OEMInformation key. Next, go to File > Export, and give the file a name (such as settings.reg). You can then edit the file with Notepad and distribute it to other computers (don't forget the .BMP file).
I added my example of the file for your reference, just copy, paste into a .REG file, and edit it to reflect your own information:
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\OEMInformation]
"Logo"="C:\\Windows\\System32\\oemlogo.bmp"
"Manufacturer"="Daniel Petri"
"SupportHours"="Sun-Thu 9am-5pm"
"SupportPhone"="972-50-9876543"
"SupportURL"=http://www.errorsolutions.blogspot.com"
After editing the Registry and pasting the OEMLOGO.BMP file in the right path, go to the My Computer > Properties screen, or press the windows key + Break key.
Done!
Monday, May 5, 2008
Saturday, May 3, 2008
Ethernet controller - Virtual Box & Windows Vista
Vista no longer supports the AMD ethernet adapter VBox emulates, but you can find a driver for Vista on the Guest Additions ISO. Just click Install Guest Additions from the VM's Devices menu to load the disc into Vista. Although the additions install automatically, you will have to manually install the drivers for networking from the device manager. This is covered in more detail in the user manual.
Subscribe to:
Posts (Atom)