From: Fab Siciliano (fsicilianoEARTHLINK.NET)
Date: Sun Feb 04 2001 - 17:51:01 CST

    Does that utility 'LookupSid.exe' come with NT, or is it a third-party util?
    And where can I find it? Thank you,
                                                    -Fab

    #-----Original Message-----
    #From: Focus on Microsoft Mailing List
    #[mailto:FOCUS-MSSECURITYFOCUS.COM]On Behalf Of Free, Bob
    #Sent: Friday, February 02, 2001 2:01 PM
    #To: FOCUS-MSSECURITYFOCUS.COM
    #Subject: Re: NONE Group
    #
    #
    #David LeBlanc answered this question recently on another list:
    #
    #<Quote>
    #
    #It's really just domain users:
    #
    #[d:\]LookupSid.exe none
    #User none is of type Group
    #Revision = 1, SubAuth count = 5
    #Identifier Authority = {0,0,0,0,0,5}
    #Subauth 0 = 15
    #Subauth 1 = 48c626fe
    #Subauth 2 = 36d67c9a
    #Subauth 3 = 47af2515
    #Subauth 4 = 201
    #
    #[d:\]LookupSid.exe "domain users"
    #User domain users is of type Group
    #Revision = 1, SubAuth count = 5
    #Identifier Authority = {0,0,0,0,0,5}
    #Subauth 0 = 15
    #Subauth 1 = 2e49644d
    #Subauth 2 = 1a028a35
    #Subauth 3 = 74b49ff8
    #Subauth 4 = 201
    #
    #I'm not sure why "none" resolves the same as domain users, but that's what
    #it amounts to.
    #
    #<end quote>
    #-----Original Message-----
    #From: Kit Skinner [mailto:kskinnerSANDSTREAM.COM]
    #Sent: Tuesday, January 30, 2001 11:00 AM
    #To: FOCUS-MSSECURITYFOCUS.COM
    #Subject: [FOCUS-MS] NONE Group
    #
    #
    #I was recently doing an audit on a new application server set to go into
    #production and found a share with a group called "None" in the permissions
    #listing with Read access. However, I haven't been able to find any
    #documentation on it.
    #
    #I did some research on all my workstations and found this to be a built-in
    #group in all member NT machines (Workstations and Non-DC Servers). It has
    #the same RID as Domain Users in a Domain (513), but exists in the local
    #machine. What is also unusual, is this is displayed in the permissions
    #window with a Global Group Icon but listed on the Local Machine (ie:
    #<ComputerName>\None). I can't use net localgroup to see who the members
    #are, because it's not a local group and can't find it. I can't use net group
    #because it will only let me run that against a Domain Controller.
    #
    #This is not a group listed in the user manager or listed in the dialog box
    #to add permissions, but can be added to permissions by typing it in
    #manually. Also, you cannot create a group called None via User Manager
    #because it says a group already exists with that name.
    #
    #One developer I spoke with said he had heard it was left in NT as a throwback
    #back to UGLP support on a stand-alone system, but didn't really give an
    #example of what it could be used for. I removed the group from the
    #permissions and everything seemed to work alright.
    #
    #I just have a couple of questions if anyone could help, I'd appreciate it:
    # 1. what is the use/purpose of this group?
    # 2. who belongs to this group?
    # 3. is there any risk to having it there?
    # 4. can it be removed from the workstation?
    #
    #Thanks in advance for your help,
    #-Kit Skinner
    #
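Added example, not part of the original thread and not LookupSid.exe's own code: a small parser that turns the two outputs quoted above into standard string SIDs and compares them, showing that both end in RID 513 (0x201) while the sub-authorities before the RID differ. The function names are hypothetical, and the authority bytes are assumed to be printed in decimal.

```python
import re
# Constructed input: the two LookupSid.exe outputs exactly as quoted in the thread.
NONE_OUT = """User none is of type Group
Revision = 1, SubAuth count = 5
Identifier Authority = {0,0,0,0,0,5}
Subauth 0 = 15
Subauth 1 = 48c626fe
Subauth 2 = 36d67c9a
Subauth 3 = 47af2515
Subauth 4 = 201
"""
DOMAIN_USERS_OUT = """User domain users is of type Group
Revision = 1, SubAuth count = 5
Identifier Authority = {0,0,0,0,0,5}
Subauth 0 = 15
Subauth 1 = 2e49644d
Subauth 2 = 1a028a35
Subauth 3 = 74b49ff8
Subauth 4 = 201
"""

def parse_lookupsid(text):
    """Return (revision, authority, sub_authorities) from LookupSid-style text."""
    rev = re.search(r"Revision = (\d+), SubAuth count = (\d+)", text)
    auth = re.search(r"Identifier Authority = \{([\d,]+)\}", text)
    if not rev or not auth:
        raise ValueError("not LookupSid-style output")
    # Assumption: the six authority bytes are printed in decimal, big-endian.
    authority = int.from_bytes(bytes(int(b) for b in auth.group(1).split(",")), "big")
    # Sub-authorities are printed in hex: 0x15 = 21, 0x201 = 513 (the RID in the thread).
    subs = [int(h, 16) for h in re.findall(r"Subauth \d+ = ([0-9a-fA-F]+)", text)]
    if len(subs) != int(rev.group(2)):
        raise ValueError("SubAuth count does not match the listed sub-authorities")
    return int(rev.group(1)), authority, subs

def sid_string(text):
    """Render the parsed SID in the standard S-R-A-S1-...-Sn string form."""
    rev, authority, subs = parse_lookupsid(text)
    return "S-" + "-".join(str(n) for n in (rev, authority, *subs))

def compare(a, b):
    """Report whether two SIDs share the final RID and the prefix before it."""
    ra, aa, sa = parse_lookupsid(a)
    rb, ab, sb = parse_lookupsid(b)
    return {"same_rid": sa[-1] == sb[-1],
            "same_prefix": (ra, aa, sa[:-1]) == (rb, ab, sb[:-1])}

if __name__ == "__main__":
    print(sid_string(NONE_OUT), sid_string(DOMAIN_USERS_OUT), sep="\n")
    print(compare(NONE_OUT, DOMAIN_USERS_OUT))
```

When auditing share permissions, comparing the prefix before the RID tells you which machine or domain issued the group, which the display name alone does not.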