Solved

2012 Server and permissions NT AUTHORITY\SYSTEM

Posted on 2014-11-17
8
298 Views
Last Modified: 2014-11-21
Hello EE,

Our company has a custom exe , ran fine under 2003 server 32 bit , when installing on windows 2012 64 bit , I receive error . Upon inspection with process monitor , I see FILE LOCKED WITH ONLY READERS, on operation CreateFileMapping C:\Windows\System32\sechost.dll and on C:\Windows\System32\mscoree.dll , this is as user NT AUTHORITY\SYSTEM . So it appears the process cannot access the system 32 folder . How would I go about correcting this ?
0
Comment
Question by:davesnb
  • 4
  • 3
8 Comments
 
LVL 32

Expert Comment

by:it_saige
ID: 40448054
Try right-clicking on the program and choosing 'Run As Administrator'.

-saige-
0
 

Author Comment

by:davesnb
ID: 40448062
It runs as a service .
0
 
LVL 32

Expert Comment

by:it_saige
ID: 40448065
What service user does it run as, e.g. - (LocalSystem, NetworkService)?

-saige-
0
 

Author Comment

by:davesnb
ID: 40448069
Local System Account
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 32

Accepted Solution

by:
it_saige earned 500 total points
ID: 40448091
Local system does have access to the System32 directory.
One advantage of running under the LocalSystem account is that the service has complete unrestricted access to local resources. This is also the disadvantage of LocalSystem because a LocalSystem service can do things that would bring down the entire system. In particular, a service running as LocalSystem on a domain controller (DC) has unrestricted access to Active Directory Domain Services. This means that bugs in the service, or security attacks on the service, can damage the system or, if the service is on a DC, damage the entire enterprise network.
Source

This leads me to believe that there has to be some other issue.

What is the exact error message you receive when you start the service.  Also look in the event log to see if there is any additional information.

-saige-
0
 
LVL 34

Expert Comment

by:Seth Simmons
ID: 40448183
did the developer(s) state it would even work on 2012?
0
 

Author Comment

by:davesnb
ID: 40448600
Proceess monitor indicates the account does not have access to the system 32 directory. How can this be the case .?
0
 

Author Closing Comment

by:davesnb
ID: 40457549
Local system account is indeed executing correctly , misread on proc mon , was a lock then a subsequent success on next line.
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

This article will review the basic installation and configuration for Windows Software Update Services (WSUS) in a Windows 2012 R2 environment.  WSUS is a Microsoft tool that allows administrators to manage and control updates to be approved and ins…
Understanding the various editions available is vital when you decide to purchase Windows Server 2012. You need to have a basic understanding of the features and limitations in each edition in order to make a well-informed decision that best suits y…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now