|
 |  |  |  |  |  |  |
| Welcome to Windows Vista Forums. Our forum is dedicated to helping you find solutions with any problems, errors or issues you are experiencing with Windows Vista. The Vista forum also covers news and updates and has an extensive Windows Vista tutorial section that covers a wide range of tips and tricks. |
| |||||||
 |
| |
10-13-2006
| #1 (permalink) |
| | "Force shutdown from a remote system" What do they really mean by this? I was able to shut down a server with no users having this user right, using terminal services. I took everyone out of this user right, and I refreshed the policy then connected to the server via terminal services, and proceeded to shut it down, no problem. What kind of tool does this policy expect the remote user is going to be using to accomplish the shutdown? 'Cuz it sure ain't terminal services. Any ideas appreciated. |
My System Specs |
|
10-13-2006
| #2 (permalink) |
| | Re: "Force shutdown from a remote system" - wrote: > What do they really mean by this? I was able to shut down a server > with no users having this user right, using terminal services. I > took everyone out of this user right, and I refreshed the policy > then connected to the server via terminal services, and proceeded > to shut it down, no problem. What kind of tool does this policy > expect the remote user is going to be using to accomplish the > shutdown? 'Cuz it sure ain't terminal services. > Any ideas appreciated. Who are 'they" and where are you getting this from? IE: methinks you left out a few details. -- Shenan Stanley MS-MVP -- How To Ask Questions The Smart Way http://www.catb.org/~esr/faqs/smart-questions.html |
| My System Specs |
|
10-13-2006
| #3 (permalink) |
| | Re: "Force shutdown from a remote system" Generally speaking a terminal services login is considered to be a local login as there is a winstation session. Remote login is via such as a WMI shutdown command, which is a small network transmission. <-> wrote in message news:%23pA821v7GHA.3452@TK2MSFTNGP05.phx.gbl... > What do they really mean by this? I was able to shut down a server with > no users having this user right, using terminal services. I took everyone > out of this user right, and I refreshed the policy then connected to the > server via terminal services, and proceeded to shut it down, no problem. > What kind of tool does this policy expect the remote user is going to be > using to accomplish the shutdown? 'Cuz it sure ain't terminal services. > > Any ideas appreciated. > |
| My System Specs |
|
10-13-2006
| #4 (permalink) |
| | Re: "Force shutdown from a remote system" "Shenan Stanley" <newshelper@gmail.com> wrote in message news:uQ0y2Aw7GHA.1496@TK2MSFTNGP05.phx.gbl... >- wrote: >> What do they really mean by this? I was able to shut down a server >> with no users having this user right, using terminal services. I >> took everyone out of this user right, and I refreshed the policy >> then connected to the server via terminal services, and proceeded >> to shut it down, no problem. What kind of tool does this policy >> expect the remote user is going to be using to accomplish the >> shutdown? 'Cuz it sure ain't terminal services. >> Any ideas appreciated. > > Who are 'they" and where are you getting this from? > IE: methinks you left out a few details. > I believe the "they" is MSFT when "this" user right was given a descriptive name, which differs in XP where it is "Force shutdown from a remote system" Roger > How To Ask Questions The Smart Way > http://www.catb.org/~esr/faqs/smart-questions.html > |
| My System Specs |
|
10-13-2006
| #5 (permalink) |
| | Re: "Force shutdown from a remote system" - wrote: > What do they really mean by this? I was able to shut down a > server with no users having this user right, using terminal > services. I took everyone out of this user right, and I > refreshed the policy then connected to the server via terminal > services, and proceeded to shut it down, no problem. What kind > of tool does this policy expect the remote user is going to be > using to accomplish the shutdown? 'Cuz it sure ain't terminal > services. Any ideas appreciated. Shenan Stanley wrote: > Who are 'they" and where are you getting this from? > IE: methinks you left out a few details. Roger Abell [MVP] wrote: > I believe the "they" is MSFT when "this" user right > was given a descriptive name, which differs in XP > where it is "Force shutdown from a remote system" Ah.. Thanks Roger. I appreciate the clarification. -- Shenan Stanley MS-MVP -- How To Ask Questions The Smart Way http://www.catb.org/~esr/faqs/smart-questions.html |
| My System Specs |
|
10-13-2006
| #6 (permalink) |
| | Re: "Force shutdown from a remote system" I think you are refering to a GP setting and this can override someone with local admin privs on a box from executing a remote shut down with the "shutdown" command. e.g. shutdown /s /m \\jimbo /e "I am being annoying and shutting down Jimbo's workstation" Kind regards, Jimbo. <-> wrote in message news:%23pA821v7GHA.3452@TK2MSFTNGP05.phx.gbl... > What do they really mean by this? I was able to shut down a server with > no users having this user right, using terminal services. I took everyone > out of this user right, and I refreshed the policy then connected to the > server via terminal services, and proceeded to shut it down, no problem. > What kind of tool does this policy expect the remote user is going to be > using to accomplish the shutdown? 'Cuz it sure ain't terminal services. > > Any ideas appreciated. > |
| My System Specs |
|
10-14-2006
| #7 (permalink) |
| | Re: "Force shutdown from a remote system" "James Saveker" <james@saveker.org> wrote in message news:0A25BA2F-B8E2-4686-B95A-DA7C22B35B7A@microsoft.com... >I think you are refering to a GP setting and this can override someone with >local admin privs on a box from executing a remote shut down with the >"shutdown" command. > > e.g. > > shutdown /s /m \\jimbo /e "I am being annoying and shutting down Jimbo's > workstation" > Ummm . . . no, this user right grants that capability, not denies it, so it certainly cannot be used to prevent an account from using their capabilities. > <-> wrote in message news:%23pA821v7GHA.3452@TK2MSFTNGP05.phx.gbl... >> What do they really mean by this? I was able to shut down a server with >> no users having this user right, using terminal services. I took >> everyone out of this user right, and I refreshed the policy then >> connected to the server via terminal services, and proceeded to shut it >> down, no problem. What kind of tool does this policy expect the remote >> user is going to be using to accomplish the shutdown? 'Cuz it sure ain't >> terminal services. >> >> Any ideas appreciated. >> > |
| My System Specs |
|
10-16-2006
| #8 (permalink) |
| | Re: "Force shutdown from a remote system" But, in terms of the _method_ of shutdown, the shutdown.exe command is the only method this policy addresses? "Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message news:OIYAuU17GHA.568@TK2MSFTNGP05.phx.gbl... > "James Saveker" <james@saveker.org> wrote in message > news:0A25BA2F-B8E2-4686-B95A-DA7C22B35B7A@microsoft.com... >>I think you are refering to a GP setting and this can override someone >>with local admin privs on a box from executing a remote shut down with the >>"shutdown" command. >> >> e.g. >> >> shutdown /s /m \\jimbo /e "I am being annoying and shutting down Jimbo's >> workstation" >> > > Ummm . . . no, this user right grants that capability, > not denies it, so it certainly cannot be used to prevent > an account from using their capabilities. > >> <-> wrote in message news:%23pA821v7GHA.3452@TK2MSFTNGP05.phx.gbl... >>> What do they really mean by this? I was able to shut down a server with >>> no users having this user right, using terminal services. I took >>> everyone out of this user right, and I refreshed the policy then >>> connected to the server via terminal services, and proceeded to shut it >>> down, no problem. What kind of tool does this policy expect the remote >>> user is going to be using to accomplish the shutdown? 'Cuz it sure >>> ain't terminal services. >>> >>> Any ideas appreciated. >>> >> > > |
| My System Specs |
|
10-17-2006
| #9 (permalink) |
| | Re: "Force shutdown from a remote system" No. shutdown.exe is just a little exe MS made available at one time that has stuck I have spent a little time trying to see whether I can find a statement as to just exactly what APIs, what providers, what namespace classes' methodes are covered by this settings. Hoevers, all that I have found just says, as this from the W2k3 Security Guide <quote> This policy setting determines whether users can shut down computers from remote locations on the network. Any user who can shut down a computer could cause a DoS condition. Therefore, this user right should be tightly restricted. </quote> In other words, the statements I have seen just make unconditional statement that this allows use of remote means for shutdown, from which it seems that all available ways are wired to obey thius right. I know that when I use Wmi it is a requirement that one specify the shutdown right when initially instancing the objects one uses (and of course this explicit request is only honored if it is granted to the account in use) because otherwise this is not enabled on the object obtained even when allowed to the account used. <-> wrote in message news:e3FDvtV8GHA.3280@TK2MSFTNGP02.phx.gbl... > But, in terms of the _method_ of shutdown, the shutdown.exe command is the > only method this policy addresses? > > > "Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message > news:OIYAuU17GHA.568@TK2MSFTNGP05.phx.gbl... >> "James Saveker" <james@saveker.org> wrote in message >> news:0A25BA2F-B8E2-4686-B95A-DA7C22B35B7A@microsoft.com... >>>I think you are refering to a GP setting and this can override someone >>>with local admin privs on a box from executing a remote shut down with >>>the "shutdown" command. >>> >>> e.g. >>> >>> shutdown /s /m \\jimbo /e "I am being annoying and shutting down Jimbo's >>> workstation" >>> >> >> Ummm . . . no, this user right grants that capability, >> not denies it, so it certainly cannot be used to prevent >> an account from using their capabilities. >> >>> <-> wrote in message news:%23pA821v7GHA.3452@TK2MSFTNGP05.phx.gbl... >>>> What do they really mean by this? I was able to shut down a server >>>> with no users having this user right, using terminal services. I took >>>> everyone out of this user right, and I refreshed the policy then >>>> connected to the server via terminal services, and proceeded to shut it >>>> down, no problem. What kind of tool does this policy expect the remote >>>> user is going to be using to accomplish the shutdown? 'Cuz it sure >>>> ain't terminal services. >>>> >>>> Any ideas appreciated. >>>> >>> >> >> > > |
| My System Specs |
|
10-18-2006
| #10 (permalink) |
| | Re: "Force shutdown from a remote system" So, what exactly is the point of this policy, it doesn't really seem to do anything. "Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message news:eFcA44b8GHA.3264@TK2MSFTNGP04.phx.gbl... > No. > > shutdown.exe is just a little exe MS made available at one time that has > stuck > > I have spent a little time trying to see whether I can find a statement as > to just > exactly what APIs, what providers, what namespace classes' methodes are > covered by this settings. > > Hoevers, all that I have found just says, as this from the W2k3 Security > Guide > <quote> > This policy setting determines whether users can shut down computers from > remote locations on the network. Any user who can shut down a computer > could cause a DoS condition. Therefore, this user right should be tightly > restricted. > > </quote> > > In other words, the statements I have seen just make unconditional > statement > that this allows use of remote means for shutdown, from which it seems > that > all available ways are wired to obey thius right. > > I know that when I use Wmi it is a requirement that one specify the > shutdown > right when initially instancing the objects one uses (and of course this > explicit > request is only honored if it is granted to the account in use) because > otherwise > this is not enabled on the object obtained even when allowed to the > account used. > > > > <-> wrote in message news:e3FDvtV8GHA.3280@TK2MSFTNGP02.phx.gbl... >> But, in terms of the _method_ of shutdown, the shutdown.exe command is >> the only method this policy addresses? >> >> >> "Roger Abell [MVP]" <mvpNoSpam@asu.edu> wrote in message >> news:OIYAuU17GHA.568@TK2MSFTNGP05.phx.gbl... >>> "James Saveker" <james@saveker.org> wrote in message >>> news:0A25BA2F-B8E2-4686-B95A-DA7C22B35B7A@microsoft.com... >>>>I think you are refering to a GP setting and this can override someone >>>>with local admin privs on a box from executing a remote shut down with >>>>the "shutdown" command. >>>> >>>> e.g. >>>> >>>> shutdown /s /m \\jimbo /e "I am being annoying and shutting down >>>> Jimbo's workstation" >>>> >>> >>> Ummm . . . no, this user right grants that capability, >>> not denies it, so it certainly cannot be used to prevent >>> an account from using their capabilities. >>> >>>> <-> wrote in message news:%23pA821v7GHA.3452@TK2MSFTNGP05.phx.gbl... >>>>> What do they really mean by this? I was able to shut down a server >>>>> with no users having this user right, using terminal services. I took >>>>> everyone out of this user right, and I refreshed the policy then >>>>> connected to the server via terminal services, and proceeded to shut >>>>> it down, no problem. What kind of tool does this policy expect the >>>>> remote user is going to be using to accomplish the shutdown? 'Cuz it >>>>> sure ain't terminal services. >>>>> >>>>> Any ideas appreciated. >>>>> >>>> >>> >>> >> >> > > |
| My System Specs |
|
| Thread Tools | |
| |
Similar Threads | ||||
| Thread | Forum | |||
| "previous system shutdown was unexpected" Event ID 6008 | Vista General | |||
| User executed "System Shutdown (1115)" | General Discussion | |||
| Error: "Cannot convert "System.Object[]" to "System.Int32"." | PowerShell | |||
| Can't force remote shutdown/restart from RDP session | Vista networking & sharing | |||
| Windows Explorer: How to force ALL folders to use "All Items" template rather than "Pictures & Videos" | Vista General | |||
