Results 1 to 5 of 5

Thread: Shutdown works but....

  1. #1
    Junior Member
    Join Date
    Oct 2002
    Posts
    2

    Shutdown works but....

    ! NEWLY DISCOVERED strangeness. Under desperate testing measures, I changed all users to be members of everything. I FINALLY got remote shutdown to work! The **** ONLY **** way the shutdown was successful was to give the GUEST account to be members of everything. Works great at this point! If you remove any of the names on "members of" list, then it goes back to "access denied". Also, no other user, including newly created users with full group membership or the ADMINISTRATOR will authorize a remote shutdown. This is one of the most bizarre things I have ever seen. I would have guessed that maybe I had a Bad SID, or corrupt user database but the behavior is the same throughout the XP network. This is definately one for the think tank.

  2. #2
    FatPipez TZ Veteran MSNwar's Avatar
    Join Date
    Apr 2002
    Location
    Germany
    Posts
    601
    Don't get me wrong or take this as flame, but ...
    Your work-around kind of defeats the purpose of an admin policy.

    That is not strange at all and does not take any thought. The whole idea of an admin account is to permit or denie access to vital system functions and tasks be it a single PC with multiple users (including guests) and networked PCs (work stations).

    You have to ask yourself, "Why would you allow any type of user to execute a remote shutdown?" The reasons are obvious. Now if you have more than one admin and your admin policy allows for more than one admin to execute a remote shutdown (wise) then all you do is share the same password. This is handy if you are in a remote location and want to shutdown your system in the event of planned power outtages (California) or hear of an outside exploit attempt occuring on your network.

    I would be more concerned about creating an Admin Policy if you are in a professional environment. If you are digging and exploring in your spare time ... Have Fun Cuz I Can Dig It
    Avatar by Brudda EggHead

  3. #3
    Junior Member
    Join Date
    Oct 2002
    Posts
    2
    Thank you for your reply Msnwar. I definately understand that this in no means is a workaround, merely stating the only change that would enable the remote shutdown to execute. This is all in an NT/2K/XP test Lab I have developed for my MCSE studies, which is why it bothers me why I would EVEN NEED the Guest account (or any account mind you) wide open to grant remote authority. The XP network is not a member of a Domain and the more I read into Keberos Achitecture, the more it sounds like that most all of the remote security features behave properly when their is a domain model implemented, so I am going to switch the "role" of those workstations so they must log into a domain controller. The Administrators authentication processses is limited otherwise. Thanks! any other thoughts..keep them coming!!

  4. #4
    Precision Processor Super Moderator egghead's Avatar
    Join Date
    May 2002
    Location
    In Your Monitor
    Posts
    3,546
    did you post the same topic twice?


    hi:

    heres a couple things

    Shutdown.exe is a simple command line utility that can:

    Log Off the current user
    Shutdown (Turn Off) the computer
    Restart the computer
    Hibernate the computer (note that hibernation has to be enabled!)
    Put the computer into Stand By (Sleep)
    for xp

    http://www.budja.com/shutdown/

    Shutdown Command - Disable

    Start/Run/GPEDIT.MSC

    Computer Configurations/Windows Settings/Security Settings/Local Policies/User Rights Assignment/Shut Down the System/Users/Remove.

    There may be certain machines that you do not want to be shut down; for instance, a workgroup print server, or a machine in a kiosk. With this Registry edit, you can take away that option: Start/Run/Regedit

    Hive: HKEY_CURRENT_USER
    Key: \Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
    Name: NoClose
    Data Type: REG_DWORD
    Value: 1

    Shutdown Shortcuts

    Shutdown.exe for Windows XP

    Copy the line below to Notepad: Name it and save with a JS extension.

    (new ActiveXObject("Shell.Application")).ShutdownWindows();

    Shutdown Tracker

    The Shutdown Event Tracker provides a simple and standard mechanism you can use to consistently document the reasons for shutting down or restarting your computer. The information provided is recorded in the system log in Event Viewer.

    Go to Start/Run/Regedit and navigate to:

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Reliability

    Create a new DWORD value or modify the existing value named "ShutdownReasonUI" and set it to "1" to enable shutdown event tracking. When enabled an additional drop-down option box will be displayed with various planned and unplanned shutdown reasons. Restart Windows for the change to take effect.

    goodluck

    btw

    did you get sp1?
    ------------------------------------------------------------



  5. #5
    Techzonez Governor Super Moderator Conan's Avatar
    Join Date
    Apr 2002
    Location
    Philippines
    Posts
    4,343
    I deleted the duplicate post, please do not post duplicate threads.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •