Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to firstname.lastname@example.org.
Tony Hoyle wrote: >> This on a Windows 2000 Service Pack 4 > It could just be hardcoded into privcheck (no reference to this in > google so I can't try it myself.. a homegrown app???). yeah, I forgot to mention it's an old app I wrote in Delphi. No, it doesn't hardcode anything, it's all information queried for. A pretty straightforward program, it does exactly what you'd think it does > Even if such a privilege exists in Win2kSP4 (but not in XP??? that > *would* be odd) not that odd. Windows XP doesn't come in a server flavour, so they probably didn't deem it important to fix it immediately (but I read it will be fixed in SP2). Anyway, I read the KB religiously and have subscribed to kbAlertz.com, and I remember when the article and hotfix about SeImpersonatePrivilege and SeCreateGlobalPrivilege came out. Note the "applies to" section: <http://support.microsoft.com/default.aspx?kbid=821546> > And for the create token issue (no official microsoft stuff but then > they never officially acknowledged the existence of the function > anyway): oh, so it wasn't a special check in NtCreateToken! I love Microsoft. Even when they break things, they do it in a technically sound way. Anyway, what does CVSNT need a token for? couldn't the token returned by LogonUser do? (it's used for pserver, right? isn't pserver all about plaintext athentication?)