Archived from groups: microsoft.public.win2000.security (
More info?)
<WilliamBeau> wrote in message news:uoSqPZd7EHA.3944@TK2MSFTNGP12.phx.gbl...
> Herb, this appears to be true only for system services - those basically
> included in the OS/ machine build and do not offer services that are
> installed as a result of software intallation or services created that are
> non-OS related.
I didn't know that -- I wonder if this is the 'fault' of the
programmers (like not using the Event Log but creating
their own seperate feature for the same purpose) or if
it is the 'fault' of the published APIs?
Maybe it is as simple as the programmer creating a
system object to control access but of course that doesn't
help you....
> Do you know if I can change the list of services available in the group
> policy in order to accomodate these types of services?
What would the user be "accessing" for these services?
Log files? Use NTFS...
Registry settings? Use permissions (similar to NTFS)
What else?
--
Herb Martin
> Thanks!
>
> "Herb Martin" <news@LearnQuick.com> wrote in message
> news:%233xt7cT7EHA.1404@TK2MSFTNGP11.phx.gbl...
> > <WilliamBeau> wrote in message
> news:uwkWJgR7EHA.2180@TK2MSFTNGP12.phx.gbl...
> > > Can anyone suggest a way to allow certain users to start and stop
> > particular
> > > services on a server?
> >
> > Such can be done through delegation on the service
> > properties.
> >
> > No matter how you do it this will be a permission but
> > you may distribute it to may machine by using a policy.
> >
> > On each service there are properties -- on the secure
> > tab there are permissions available to be delegated.
> >
> > > I have a group of developers who I wish not to grant administrative
> access
> > > to, but require the ability to bounce their applications which are
> service
> > > based. I've looked in the local security policy but do not see
anything
> > > that stands out as being able to do this.
> >
> > Look in the Services control panel or in a GPO->
> > Windows->Security->Services
> >
> > --
> > Herb Martin
> >
> >
> > >
> > > Thanks
> > >
> > >
> >
> >
>
>