Jump to content

How can add the Well known SID ?

blackwingcat

By blackwingcat
in Windows 2000/2003/NT4

 Share

Recommended Posts

blackwingcat

blackwingcat

Posted
Posted

Windows XP is extended Wellknown SID

S-1-5-19 NT AUTHORITY\LOCAL SERVICE

S-1-5-20 NT AUTHORITY\NETWORK SERVICE

how can add these SID on Windows 2000 ?

I try to add registory

HKEY_LOCAL_MACHINE\SECURITY\Policy\Accounts\S-1-5-19

HKEY_LOCAL_MACHINE\SECURITY\Policy\Accounts\S-1-5-20

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20

But no effect.

Are there any ideas ?


allen2

allen2

Posted
Posted

Just an idea : Did you also tried to replace the whole security hive from an xp (perhaps with also the SAM hive) ?

blackwingcat

blackwingcat

Posted
  • Author
Posted

Just an idea : Did you also tried to replace the whole security hive from an xp (perhaps with also the SAM hive) ?

Result: Security error. Windows 2000 can't boot.

Thx

blackwingcat

blackwingcat

Posted
  • Author
Posted

Have you tried \system32\regedt32.exe > Security > Permissions ?

Hi,

Windows 2000 does not have "NT Authority\LocalService" and "NT Authority\NetworkService" which is username.

So I want to create them.

allen2

allen2

Posted
Posted

I can't be sure but if it is hard coded somewhere it should be in Lsasrv.dll as it is the dll used for most security things.

dencorso

dencorso

Posted
Posted
I try to add to registry

HKEY_LOCAL_MACHINE\SECURITY\Policy\Accounts\S-1-5-19

HKEY_LOCAL_MACHINE\SECURITY\Policy\Accounts\S-1-5-20

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20

But no effect.

Did you try it from outside Win 2k... say, by booting a Win PE CD, then importing the relevant hive, adding the users to it, and saving it back?

blackwingcat

blackwingcat

Posted
  • Author
Posted

Umm...

When I access XP Driver from Windows 2000, I can't find LocalService and NetworkService folders in C:\Documents and Settings\.

Are anyone know the reason ?

dencorso

dencorso

Posted
Posted

They are hidden by default. If you're working with XP on NTFS, you'll need to take ownership of everything from Documents and Settings downwards... Your life would be much easier if you were working with XP on FAT-32...

blackwingcat

blackwingcat

Posted
  • Author
Posted

Of course I set "system super hidden folder shown" folder option.

There are not these folders physically :unsure:

They are hidden by default. If you're working with XP on NTFS, you'll need to take ownership of everything from Documents and Settings downwards... Your life would be much easier if you were working with XP on FAT-32...

Phenomic

Phenomic

Posted
Posted

Have you tried opening the System hive off-line from another instance of Win2k or XP?

REG.EXE load "HKLM\_offline_" ...\system

Then it's just a database.

jimmsta

jimmsta

Posted
Posted

The issue is that on XP+ there are folders with ntuser.dat registry hives dedicated to these hidden users - on 2000, that's not the case. 2000 doesn't have these users nor their corresponding ntuser.dat hives. As such, some form of registry redirection will need to take place to handle applications that try to write to the 'hidden' service hives. I have no idea how BWC will get this working on 2000. As far as I know, those users/hives aren't used by anything but Windows core services - adding the users themselves to the registry is only one part of the equation.

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...