Permissions required to restart the print spooler service?

Hello,
We have a 2003 Active Directory domain with 20 2003 SP1 servers. We have a help desk team that i need to grant access to restart the print spooler across the servers.
We only have one policy - I've edited this to allow the group acess to restart the spooler service.
I've then created a task pad displaying the service for each server.
When a memeber of the helpdesk team attempts to stop the service they get:
Error 5 access denied

I've read that SP1 changes the acl on the 'service control manager' and have run the following command:
sc sdset SCMANAGER D:(A;;CCLCRPRC;;;AU)(A;;CCLCRPWPRC;;;SY)(A;;KA;;;BA)S:(AU;FA;KA;;;WD)(AU;OIIOFA;GA;;;WD)
This results in the following error: The ACL structure is invalid
I've also run:
subinacl /service \\mlsspctx01\spooler /GRANT=mlslocal\tpad=F
And get back:
+service \\mlsspctx01\spooler
/GRANT=mlslocal\tpad=F
Elapsed Time: 00 00:00:00
Done:        0, Modified        0, Failed        0, Syntax errors        0

I've made sure that the policy has been refreshed, but still my user get the error 5 message... Can anyone think of what I'm doing wrong?
Thank you for looking.


LVL 1
Jason ThomasAsked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
LKaushalConnect With a Mentor Commented:
Check this --> http://support.microsoft.com/default.aspx?scid=kb;en-us;288129 
You can do it through GPO.
0
 
Jason ThomasAuthor Commented:
Thank you, however I'm not sure that relates to my problem. We have 2003 servers.

Does anyone else have any ideas?
Thanks.
0
 
Jason ThomasAuthor Commented:
I've managed to fix this myself. How do I close this call without issuing points?
0
 
Jason ThomasAuthor Commented:
No answer received.
0
All Courses

From novice to tech pro — start learning today.