Guest Will Posted July 11, 2007 Posted July 11, 2007 I am trying to work around a temporary situation on a Windows 2003 server where group policy was misapplied. NETWORK SERVICE and LOCAL SERVICE accounts no longer have impersonate privileges and start service privilege so I need to temporarily start up services in security context of SYSTEM, get group policy working, then patch up services to run in their original contexts. I have done this before we success, but this time I'm thrown for a loop by DNS Client service, which is not able to start in NETWORK SERVICE security context. In the registry location: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache there are two values: ImagePath %SystemRoot%\system32\svchost.exe -k NetworkService ObjectName NT AUTHORITY\NetworkService My question is how do I modify ImagePath to start up in the security context of SYSTEM? It's clear enough how to modify ObjectName to LocalSystem context, but when you then try to start DNS Client it immediately objects that the security contexts do not match up. There is some way to get ImagePath to launch svchost in the security context of system, but how do I do this? -- Will
Recommended Posts