Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
KJK::Hyperion wrote: > > hmmm: > > D:\Documents and Settings\Administrator>privcheck | findstr /I impersonate > SeImpersonatePrivilege * > > This on a Windows 2000 Service Pack 4 It could just be hardcoded into privcheck (no reference to this in google so I can't try it myself.. a homegrown app???). Even if such a privilege exists in Win2kSP4 (but not in XP??? that *would* be odd) it never actually did anything until Win2k3 started enforcing it. See http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/html/secure03132003.asp and http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/html/secure03132003.asp for some disussion of the changes in 2003. And for the create token issue (no official microsoft stuff but then they never officially acknowledged the existence of the function anyway): http://groups.google.com/groups?selm=g6ppev8pvl1q2e95c4ma7sgaabrr52n6ov%404ax.com Tony -- Te audire no possum. Musa sapientum fixa est in aure. Tony Hoyle <tmh at nodomain.org> Key ID: 104D/4F4B6917 2003-09-13 Fingerprint: 063C AFB4 3026 F724 0AA2 02B8 E547 470E 4F4B 6917