Solved

Is it possible to change permissions on c:\windows\system32\rasdial.exe on Server 2012?

Posted on 2014-12-10
9
258 Views
Last Modified: 2014-12-19
Is it possible to change permissions on c:\windows\system32\rasdial.exe on Server 2012?    

It seems that all I can do is look at the permissions while logged on as administrator.
0
Comment
Question by:Gary Fuqua, CISSP
  • 5
  • 3
9 Comments
 
LVL 57

Accepted Solution

by:
Cliff Galiher earned 500 total points
ID: 40493043
It is a protected OS file and should not be changed. Even if you succeeded, you'd break windows servicing.
0
 
LVL 3

Author Comment

by:Gary Fuqua, CISSP
ID: 40493058
Shouldn't, or can't?  Was able to do this under Windows Server 2003 and it provided a solution that was used for years.    I need to execute rasdial within a batch file.   The batch file is called from a script on an ASP page on the IIS server on the 2012 machine.    This code worked on a 2003 Server.     Partly because an IIS account had execute access to the rasdial.exe file.     I tried to move a copy of the rasdial.exe to another folder where I could modify the permissions, but no joy...
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 40493066
2003 was the last OS Microsoft release before they took security seriously. A *ton* has changed since then. Everything from UAC to actually granting accounts different permissions (XP/2003 saw a lot of things run as system or administrator, and malware loved it.)  

Grant the account running the IIS app-pool for your ASP page the permission to run as batch and it should work. You grant that permission via group policy. A local policy would be best unless you are building an application that you plan on scaling horizontally.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 3

Author Comment

by:Gary Fuqua, CISSP
ID: 40493095
I'm the only user of this site.  No need to worry about scaling.
Created a new app pool
Created a new site
Created a single user.
Added user to "login as batch" in local policy
Granted user right to folder where batch file and copy of rasdial.exe is located.  
Batch file wiil execute rasdial using full path, if run from command prompt.  
Assigned user to identity in app pool
No joy from web.
0
 
LVL 57

Expert Comment

by:Cliff Galiher
ID: 40493123
That doesn't sound like a permissions issue with rasdial.exe then, so changing the permissions of the file (your original question) also wouldn't solve it. But windows has the security events log and audits you can turn on to identify permissions problems, and if it us an issue with IIS, it has logs as well.
0
 
LVL 3

Author Comment

by:Gary Fuqua, CISSP
ID: 40493171
Agreed.     Unfortunately the logs haven't been helpful.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 40493313
Please describe what error message you get.
0
 
LVL 3

Author Comment

by:Gary Fuqua, CISSP
ID: 40495478
Here is the thread with more specifics regarding the code and errors.  http://www.experts-exchange.com/Software/Server_Software/Web_Servers/Microsoft_IIS/Q_28578618.html#a40494031
0
 
LVL 3

Author Comment

by:Gary Fuqua, CISSP
ID: 40498629
I have changed my mind.  I believe it is a permissions issue.   I can't seem to get IIS to execute anything, batch or exe
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

On Beyond Tools A conversation I recently had with the DevOps manager of a major online retailer really made me think about DevOps monitoring tools (https://www.onpage.com/devops-incident-management-tool/). The manager and I discussed how sever…
As technology users and professionals, we’re always learning. Our universal interest in advancing our knowledge of the trade is unmatched by most industries. It’s a curiosity that makes sense, given the climate of change. Within that, there lies a…
In this Micro Tutorial viewers will learn how to restore single file or folder from Bare Metal backup image of their system. Tutorial shows how to restore files and folders from system backup. Often it is not needed to restore entire system when onl…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

813 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now