 
From: Dan Harp (dan-o_at_SPUTNIK.ORG)
Date: Mon Aug 05 2002 - 20:09:42 CDT


    Greetings,

    The only decent MSKB I could find to lock down the system drive
    (C$ w\winnt), was the following:

    http://support.microsoft.com/default.aspx?scid=kb;en-us;Q271071

    Which on a fresh install of 2K, IIS5, and all patches, breaks
    ASP with the following:

    Event Type: Failure Audit
    Event Source: Security
    Event Category: Object Access
    Event ID: 560
    Date: 08/07/2002
    Time: 5:43:28 PM
    User: Server\IWAM_Server
    Computer: Server
    Description:
    Object Open:
    Object Server: Security
    Object Type: File
    Object Name: C:\WINNT\SYSTEM32\DLLHOST.EXE
    New Handle ID: -
    Operation ID: {0,83610}
    Process ID: 472
    Primary User Name: Server$
    Primary Domain: NETONE
    Primary Logon ID: (0x0,0x3E7)
    Client User Name: IWAM_Server
    Client Domain: Server
    Client Logon ID: (0x0,0x1467E)
    Accesses ReadAttributes

    Privileges -

    Event Type: Failure Audit
    Event Source: Security
    Event Category: Object Access
    Event ID: 560
    Date: 08/07/2002
    Time: 5:43:28 PM
    User: Server\IWAM_Server
    Computer: server
    Description:
    Object Open:
    Object Server: Security
    Object Type: File
    Object Name: C:\WINNT\TEMP
    New Handle ID: -
    Operation ID: {0,83602}
    Process ID: 472
    Primary User Name: Server$
    Primary Domain: NETONE
    Primary Logon ID: (0x0,0x3E7)
    Client User Name: IWAM_Server
    Client Domain: Server
    Client Logon ID: (0x0,0x1467E)
    Accesses ReadAttributes

    Privileges -

    So I went as far as giving IWAM almost full control to the temp
    folder and RX to dllhost.exe, on top of the instructions above.

    Does anyone have a solid C$: (Sys drive) file system permissions
    guideline for a Win2k Web Server utilizing some ASP and database
    domains/webs? No one seems to have a workable solution, besides
    leaving the default -- no thanks!

    Thank you,

    --Dan
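
Added example, not part of the original post: a small Python parser that reads pasted Event ID 560 failure audits like the two above and lists, per account and object, the access that was refused, which gives the starting list of ACL entries to review after a lockdown. The function names are hypothetical, and it assumes the one-line `Accesses` layout shown in the post.

```python
import re
from collections import defaultdict

# Two Event ID 560 records trimmed from the post above (values as posted).
SAMPLE = r"""
Event Type: Failure Audit
Event ID: 560
Object Name: C:\WINNT\SYSTEM32\DLLHOST.EXE
Client User Name: IWAM_Server
Client Domain: Server
Accesses ReadAttributes

Event Type: Failure Audit
Event ID: 560
Object Name: C:\WINNT\TEMP
Client User Name: IWAM_Server
Client Domain: Server
Accesses ReadAttributes
"""

# Only the fields needed to say who was denied what; other lines are skipped.
FIELD = re.compile(
    r"^\s*(Event Type|Event ID|Object Name|Client User Name|Client Domain|Accesses):?\s*(.*)$")

def parse_events(text):
    """Split a pasted event dump into dicts; each 'Event Type' line starts a record."""
    events, cur = [], None
    for line in text.splitlines():
        m = FIELD.match(line)
        if not m:
            continue
        key, value = m.group(1), m.group(2).strip()
        if key == "Event Type":
            cur = {}
            events.append(cur)
        if cur is not None:
            cur[key] = value
    return events

def denied_access(text):
    """Map (DOMAIN\\user, object path) to the accesses refused in 560 failure audits."""
    denied = defaultdict(set)
    for ev in parse_events(text):
        if ev.get("Event Type") != "Failure Audit" or ev.get("Event ID") != "560":
            continue  # success audits and other event IDs say nothing about missing ACEs
        account = f"{ev.get('Client Domain', '?')}\\{ev.get('Client User Name', '?')}"
        # NTFS paths are case-insensitive, so fold case before grouping.
        denied[(account, ev.get("Object Name", "?").upper())].add(ev.get("Accesses", "?"))
    return dict(denied)
```

Multi-line access lists, as a live Event Viewer export can produce, are not handled; only the access named on the `Accesses` line itself is recorded.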