?
Solved

Why is ACCESS DENIED in LsaOpenPolicy?

Posted on 2001-09-04
3
Medium Priority
?
2,156 Views
Last Modified: 2010-07-27
I'm trying to open a policy handle to access protected storage.  I'm passing an access mask of POLICY_GET_PRIVATE_INFORMATION to LsaOpenPolicy to read protected storage and POLICY_CREATE_SECRET to write to protected storage.

When running from a Power User account, I get an ACCESS DENIED error when opening the policy handle.  Why?  Shouldn't I be able to store server passwords in protected storage from a Power User account?
0
Comment
Question by:GaryW021199
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 32

Accepted Solution

by:
jhance earned 400 total points
ID: 6453684
No, the default privilege of the POWER USER group does not have access to the LSA policy information.  You need to use an account in the ADMINISTRATORS group.
0
 
LVL 17

Expert Comment

by:mikecr
ID: 6454047
Or you can use the delegate feature in active directory to give the user reset passwords permissions and this would work also.
0
 
LVL 5

Expert Comment

by:cempasha
ID: 8493712
Hi GaryW

- This question is still open and needs to be closed. If any of the comments above helped you, please accept that comment as an answer. If not please send an update about your issue so that the question can be finalised. Thank you

- Experts, please feel free to add any comments in here, if you keep silent points of question can be removed

- *** PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER ***

Pasha

Cleanup Volunteer
0

Featured Post

Want to be a Web Developer? Get Certified Today!

Enroll in the Certified Web Development Professional course package to learn HTML, Javascript, and PHP. Build a solid foundation to work toward your dream job!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
Hey fellow admins! This time, I have a little fairy tale for you. As many tales do, it starts boring and then gets pretty gory. I hope you like it. TL;DR: It is about an important security matter, you should read it if you run or administer Windows …
Visualize your data even better in Access queries. Given a date and a value, this lesson shows how to compare that value with the previous value, calculate the difference, and display a circle if the value is the same, an up triangle if it increased…
In this video, Percona Solutions Engineer Barrett Chambers discusses some of the basic syntax differences between MySQL and MongoDB. To learn more check out our webinar on MongoDB administration for MySQL DBA: https://www.percona.com/resources/we…
Suggested Courses
Course of the Month14 days, 5 hours left to enroll

800 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question