?
Solved

Null Session Shares not working in Windows Server 2008

Posted on 2009-04-17
7
Medium Priority
?
5,383 Views
Last Modified: 2013-11-05
I'm using null session shares to write data back from an application launched onto an end user cpu with WMI

On windows 2003 and XP etc it works fine, but on Windows 2008 we get "Access Denied" even though "everyone" and "anonymous logon" have full control over the null session share and its folders.

Is there something special I need to do to allow null session shares to work on Windows 2008 ?

thanks
0
Comment
Question by:plq
  • 3
  • 3
7 Comments
 
LVL 11

Expert Comment

by:Paolo Santiangeli
ID: 24168875
0
 
LVL 8

Author Comment

by:plq
ID: 24169162
OK thanks for the suggestion, but none of the ideas on there worked.

We've always been able to get to c$, just not a null session share running from a process under SYSTEM.
0
 
LVL 11

Expert Comment

by:Paolo Santiangeli
ID: 24170390
i have found this:
http://technet.microsoft.com/en-us/library/cc753731.aspx

in which:

You cannot modify the access permissions of folders or volumes that are shared for administrative purposes, such as C$ and ADMIN$.
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 8

Author Comment

by:plq
ID: 24171920
This is a null session share of a share we created, not an administrative ($) share.

Anyone ??
0
 
LVL 11

Accepted Solution

by:
Paolo Santiangeli earned 2000 total points
ID: 24183257
This is security info on windows 2008 server in which you can find some security policy concerning null session shares and anonymous users:

es: Network access: Restrict anonymous access to Named Pipes and Shares

http://technet.microsoft.com/en-us/library/cc264462.aspx?SA_CE=VIR-MAP-WEBS-TNETWEBST-2008-02-08
0
 
LVL 8

Author Comment

by:plq
ID: 24185217
thanks we're looking into this today and tomorrow..
0
 

Expert Comment

by:reskin
ID: 25616050
We have tried all of the above suggestions.  We are using a domain controller and are affecting these changes in the GPO for the default controller.  A networked media streamer is trying to access files but can not enumerate the shares that have been opened to anonymous (null) sessions - it worked fine under Windows Server 2003 R2 so there is something that Microsoft definitely changed here.  I attached the export list from the security options and user rights below.  My understanding is that these override whatever is set as a "local computer" setting.
user-rights.txt
security-options.txt
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
Windows 8 comes with a dramatically different user interface known as Metro. Notably missing from the new interface is a Start button and Start Menu. Many users do not like it, much preferring the interface of earlier versions — Windows 7, Windows X…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question