Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: NIST template.

From: H Carvey <keydet89 () yahoo com>
Date: 15 Jun 2004 12:42:23 -0000
In-Reply-To: <5.2.0.9.2.20040614143816.031d6b50 () camail1 harvard edu>


I have come across a problem running a login script in AD from a win2K 
professional workstation with the NIST template on it. I don't know where 
the problem is as auditing shows no errors in the logs. Can someone shed 
some light on where I may need to look to enable this login script to run. 


Could you post the file you're using, or provide a link to it?  In order to answer your question, we'd have to be sure 
that there were no modifications to the original NIST template.  Also, it's important to know what version of the which 
template you're using (ProGold, or ProGoldPlus).


it is using wsscript.exe which I give the users access to. 


Not to pick nits, but if you're giving users access to "wsscript.exe", that may be the problem.  The file you're most 
likely interested in, if you're referring to Windows Scripting Host and not some internal application, is "wscript.exe" 
(minus one 's').  A small thing, I know, but more than one program or script has bombed due to misspellings...


It's not a 
service as I have turned on all services to check this.


Are you sure that's a good idea, particularly for your environment?  The Principle of Least Privilege (a "Very Good 
Thing"(tm)) says that we shouldn't turn on all services...



---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: