Frontpage
Forums
Tutorials
Members
Calendar
Subscription
Donate
Links
Contact 
Help
Didn't realize I would need the Secondary Logon service until I came across an application that requires to be "Run As Administrator"...
Since I have removed the Secondary Logon service from my nLited install - is there a way to install it back? I believe that it is a standalone component, however - I am not sure where to begin looking and how to extract it out of the install and register it back into the system.
Any help on this would be appreciated.
Page 1 of 1
Secondary logon service
Any way to bring it back?
Rate Topic:
Back to top
#2
- Member
-
- Group: Patrons
- Posts: 2,067
- Joined: 08-January 04
- OS:XP Pro x86
-
Country:
Posted 23 January 2011 - 03:47 AM
Give me a bit of time to analyze the changes.
#3
Posted 23 January 2011 - 05:59 AM
Thank you for your efforts! Keep in mind however - if you can't figure it out, then it's not a big deal... I am only making experimental installations now anyway, and a process gone wrong here and there is just a learning point for me that will help me make better and more "thought of" customizations in the future.
I did however discover that the following file(s) and registry entries need to be present for the Second Logon service (this is just reference for anyone who is experiencing the same problem):
Secondary Logon DLL -
seclogon.dll (in WINDOWS/system32 folder)
Secondary Logon registry entries -
Services entry:
SVC host entry:
I attached the required file(s) for the lazy (the .dll and the two .reg items).
This partially fixed the problem... but still doesn't fully work. The "Run As Administrator..." context menu entry does not show up anywhere.
I did however discover that the following file(s) and registry entries need to be present for the Second Logon service (this is just reference for anyone who is experiencing the same problem):
Secondary Logon DLL -
seclogon.dll (in WINDOWS/system32 folder)
Secondary Logon registry entries -
Services entry:
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seclogon] "Description"="Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start." "DisplayName"="Secondary Logon" "ErrorControl"=dword:00000000 "ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\ 74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\ 00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\ 6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00 "Objectname"="LocalSystem" "Start"=dword:00000002 "Type"=dword:00000120 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seclogon\Parameters] "ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\ 00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\ 73,00,65,00,63,00,6c,00,6f,00,67,00,6f,00,6e,00,2e,00,64,00,6c,00,6c,00,00,\ 00 "ServiceMain"="SvcEntry_Seclogon" [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seclogon\Security] "Security"=hex:01,00,14,80,90,00,00,00,9c,00,00,00,14,00,00,00,30,00,00,00,02,\ 00,1c,00,01,00,00,00,02,80,14,00,ff,01,0f,00,01,01,00,00,00,00,00,01,00,00,\ 00,00,02,00,60,00,04,00,00,00,00,00,14,00,8d,01,02,00,01,01,00,00,00,00,00,\ 05,0b,00,00,00,00,00,18,00,9d,01,02,00,01,02,00,00,00,00,00,05,20,00,00,00,\ 23,02,00,00,00,00,18,00,ff,01,0f,00,01,02,00,00,00,00,00,05,20,00,00,00,20,\ 02,00,00,00,00,14,00,fd,01,02,00,01,01,00,00,00,00,00,05,12,00,00,00,01,01,\ 00,00,00,00,00,05,12,00,00,00,01,01,00,00,00,00,00,05,12,00,00,00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seclogon\Enum] "0"="Root\\LEGACY_SECLOGON\\0000" "Count"=dword:00000001 "NextInstance"=dword:00000001
SVC host entry:
Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost] "HTTPFilter"=hex(7):48,00,54,00,54,00,50,00,46,00,69,00,6c,00,74,00,65,00,72,\ 00,00,00,00,00 "LocalService"=hex(7):41,00,6c,00,65,00,72,00,74,00,65,00,72,00,00,00,57,00,65,\ 00,62,00,43,00,6c,00,69,00,65,00,6e,00,74,00,00,00,4c,00,6d,00,48,00,6f,00,\ 73,00,74,00,73,00,00,00,52,00,65,00,6d,00,6f,00,74,00,65,00,52,00,65,00,67,\ 00,69,00,73,00,74,00,72,00,79,00,00,00,75,00,70,00,6e,00,70,00,68,00,6f,00,\ 73,00,74,00,00,00,53,00,53,00,44,00,50,00,53,00,52,00,56,00,00,00,00,00 "NetworkService"=hex(7):44,00,6e,00,73,00,43,00,61,00,63,00,68,00,65,00,00,00,\ 00,00 "netsvcs"=hex(7):36,00,74,00,6f,00,34,00,00,00,41,00,70,00,70,00,4d,00,67,00,\ 6d,00,74,00,00,00,41,00,75,00,64,00,69,00,6f,00,53,00,72,00,76,00,00,00,42,\ 00,72,00,6f,00,77,00,73,00,65,00,72,00,00,00,43,00,72,00,79,00,70,00,74,00,\ 53,00,76,00,63,00,00,00,44,00,4d,00,53,00,65,00,72,00,76,00,65,00,72,00,00,\ 00,44,00,48,00,43,00,50,00,00,00,45,00,52,00,53,00,76,00,63,00,00,00,45,00,\ 76,00,65,00,6e,00,74,00,53,00,79,00,73,00,74,00,65,00,6d,00,00,00,46,00,61,\ 00,73,00,74,00,55,00,73,00,65,00,72,00,53,00,77,00,69,00,74,00,63,00,68,00,\ 69,00,6e,00,67,00,43,00,6f,00,6d,00,70,00,61,00,74,00,69,00,62,00,69,00,6c,\ 00,69,00,74,00,79,00,00,00,48,00,69,00,64,00,53,00,65,00,72,00,76,00,00,00,\ 49,00,61,00,73,00,00,00,49,00,70,00,72,00,69,00,70,00,00,00,49,00,72,00,6d,\ 00,6f,00,6e,00,00,00,4c,00,61,00,6e,00,6d,00,61,00,6e,00,53,00,65,00,72,00,\ 76,00,65,00,72,00,00,00,4c,00,61,00,6e,00,6d,00,61,00,6e,00,57,00,6f,00,72,\ 00,6b,00,73,00,74,00,61,00,74,00,69,00,6f,00,6e,00,00,00,4d,00,65,00,73,00,\ 73,00,65,00,6e,00,67,00,65,00,72,00,00,00,4e,00,65,00,74,00,6d,00,61,00,6e,\ 00,00,00,4e,00,6c,00,61,00,00,00,4e,00,74,00,6d,00,73,00,73,00,76,00,63,00,\ 00,00,4e,00,57,00,43,00,57,00,6f,00,72,00,6b,00,73,00,74,00,61,00,74,00,69,\ 00,6f,00,6e,00,00,00,4e,00,77,00,73,00,61,00,70,00,61,00,67,00,65,00,6e,00,\ 74,00,00,00,52,00,61,00,73,00,61,00,75,00,74,00,6f,00,00,00,52,00,61,00,73,\ 00,6d,00,61,00,6e,00,00,00,52,00,65,00,6d,00,6f,00,74,00,65,00,61,00,63,00,\ 63,00,65,00,73,00,73,00,00,00,53,00,63,00,68,00,65,00,64,00,75,00,6c,00,65,\ 00,00,00,53,00,65,00,63,00,6c,00,6f,00,67,00,6f,00,6e,00,00,00,53,00,45,00,\ 4e,00,53,00,00,00,53,00,68,00,61,00,72,00,65,00,64,00,61,00,63,00,63,00,65,\ 00,73,00,73,00,00,00,53,00,52,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,\ 00,00,54,00,61,00,70,00,69,00,73,00,72,00,76,00,00,00,54,00,68,00,65,00,6d,\ 00,65,00,73,00,00,00,54,00,72,00,6b,00,57,00,6b,00,73,00,00,00,57,00,33,00,\ 32,00,54,00,69,00,6d,00,65,00,00,00,57,00,5a,00,43,00,53,00,56,00,43,00,00,\ 00,57,00,6d,00,69,00,00,00,57,00,6d,00,64,00,6d,00,50,00,6d,00,53,00,70,00,\ 00,00,77,00,69,00,6e,00,6d,00,67,00,6d,00,74,00,00,00,77,00,73,00,63,00,73,\ 00,76,00,63,00,00,00,78,00,6d,00,6c,00,70,00,72,00,6f,00,76,00,00,00,42,00,\ 49,00,54,00,53,00,00,00,77,00,75,00,61,00,75,00,73,00,65,00,72,00,76,00,00,\ 00,53,00,68,00,65,00,6c,00,6c,00,48,00,57,00,44,00,65,00,74,00,65,00,63,00,\ 74,00,69,00,6f,00,6e,00,00,00,68,00,65,00,6c,00,70,00,73,00,76,00,63,00,00,\ 00,57,00,6d,00,64,00,6d,00,50,00,6d,00,53,00,4e,00,00,00,00,00 "DcomLaunch"=hex(7):44,00,63,00,6f,00,6d,00,4c,00,61,00,75,00,6e,00,63,00,68,\ 00,00,00,54,00,65,00,72,00,6d,00,53,00,65,00,72,00,76,00,69,00,63,00,65,00,\ 00,00,00,00 "rpcss"=hex(7):52,00,70,00,63,00,53,00,73,00,00,00,00,00 "imgsvc"=hex(7):53,00,74,00,69,00,53,00,76,00,63,00,00,00,00,00 "termsvcs"=hex(7):54,00,65,00,72,00,6d,00,53,00,65,00,72,00,76,00,69,00,63,00,\ 65,00,00,00,00,00 "WudfServiceGroup"=hex(7):57,00,55,00,44,00,46,00,53,00,76,00,63,00,00,00,00,\ 00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\DComLaunch] "CoInitializeSecurityParam"=dword:00000001 "DefaultRpcStackSize"=dword:00000008 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\HTTPFilter] "CoInitializeSecurityParam"=dword:00000001 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService] "CoInitializeSecurityParam"=dword:00000001 "AuthenticationCapabilities"=dword:00002000 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs] "CoInitializeSecurityParam"=dword:00000001 "AuthenticationCapabilities"=dword:00003020 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\PCHealth] "CoInitializeSecurityParam"=dword:00000002 "AuthenticationCapabilities"=dword:00000040 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs] "CoInitializeSecurityParam"=dword:00000001 "DefaultRpcStackSize"=dword:00000008
I attached the required file(s) for the lazy (the .dll and the two .reg items).
This partially fixed the problem... but still doesn't fully work. The "Run As Administrator..." context menu entry does not show up anywhere.
Attached File(s)
-
seclogon.rar (9.87K)
Number of downloads: 73
This post has been edited by ctp9: 23 January 2011 - 06:00 AM
#4
- Member
-
- Group: Patrons
- Posts: 2,067
- Joined: 08-January 04
- OS:XP Pro x86
-
Country:
Posted 23 January 2011 - 10:04 AM
I don't see that nLite modifies the SvcHost entries. How did you come to that conclusion?
Anyways, here are my findings...
You need to put the following files in system32:
runas.exe
sclgntfy.dll
seclogon.dll
And these are the registry entries that need to be added/deleted.
Reboot and you should be good to go.
I've attached the reg file in case the forum software messes up the above with line breaks and extra spaces.
Seclogon.reg (5.37K)
Number of downloads: 69
Anyways, here are my findings...
You need to put the following files in system32:
runas.exe
sclgntfy.dll
seclogon.dll
And these are the registry entries that need to be added/deleted.
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\exefile\shell\runas\command]
@="\"%1\" %*"
[HKEY_CLASSES_ROOT\cplfile\shell\runas\command]
@="rundll32.exe shell32.dll,Control_RunDLLAsUser \"%1\",%*"
[HKEY_CLASSES_ROOT\AppID\{6295DF2D-35EE-11d1-8707-00C04FD93327}]
@="Mobsync"
"RunAs"="Interactive User"
[HKEY_CLASSES_ROOT\MSCFile\Shell\RunAs]
"MUIVerb"=hex(2):40,00,25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,\
6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,\
00,6d,00,6d,00,63,00,62,00,61,00,73,00,65,00,2e,00,64,00,6c,00,6c,00,2c,00,\
2d,00,31,00,33,00,33,00,35,00,30,00,00,00
@="R&un as..."
[HKEY_CLASSES_ROOT\MSCFile\Shell\RunAs\Command]
@=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,74,00,25,\
00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,6d,00,6d,00,\
63,00,2e,00,65,00,78,00,65,00,20,00,22,00,25,00,31,00,22,00,20,00,25,00,2a,\
00,00,00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer]
"HideRunAsVerb"=-
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seclogon]
"Description"="Enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start."
"DisplayName"="Secondary Logon"
"ErrorControl"=dword:00000000
"ImagePath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,00,\
74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,73,\
00,76,00,63,00,68,00,6f,00,73,00,74,00,2e,00,65,00,78,00,65,00,20,00,2d,00,\
6b,00,20,00,6e,00,65,00,74,00,73,00,76,00,63,00,73,00,00,00
"Objectname"="LocalSystem"
"Start"=dword:00000004
"Type"=dword:00000120
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\seclogon\Parameters]
"ServiceDll"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,53,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
73,00,65,00,63,00,6c,00,6f,00,67,00,6f,00,6e,00,2e,00,64,00,6c,00,6c,00,00,\
00
"ServiceMain"="SvcEntry_Seclogon"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\MUILanguages\RCV2\sclgntfy.dll]
"0"=hex:00,00,28,0a,01,00,05,00
"1"=hex:3e,e5,d2,ff,e6,57,cd,00,c7,47,ba,76,95,af,7b,3d
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\MUILanguages\RCV2\seclogon.dll]
"0"=hex:00,00,28,0a,01,00,05,00
"1"=hex:e2,db,6a,19,4d,f7,7f,7d,45,6f,96,65,07,c0,71,9e
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Nls\MUILanguages\RCV2\runas.exe]
"0"=hex:00,00,28,0a,01,00,05,00
"1"=hex:2b,28,50,b5,9b,29,fb,55,bf,1c,ac,64,b5,bd,5a,b7
Reboot and you should be good to go.
I've attached the reg file in case the forum software messes up the above with line breaks and extra spaces.
Seclogon.reg (5.37K)
Number of downloads: 69
#5
Posted 23 January 2011 - 10:13 AM
Thank you -X-.
I only did research online and figured that the advice given on the majority of the Internet on how to restore the Secondary logon service was universal... I did not have the tools, knowledge, or resources needed to figure it out the way you did. I actually have no clue how you got these results, but I trust that you know what you are doing. I am a novice for nLite (but am an advanced user of Windows-based operating systems and PC hardware in general - just not the little tips and tweaks as much).
I'll try this out and will report back soon.
I only did research online and figured that the advice given on the majority of the Internet on how to restore the Secondary logon service was universal... I did not have the tools, knowledge, or resources needed to figure it out the way you did. I actually have no clue how you got these results, but I trust that you know what you are doing. I am a novice for nLite (but am an advanced user of Windows-based operating systems and PC hardware in general - just not the little tips and tweaks as much).
I'll try this out and will report back soon.
#6
- Member
-
- Group: Patrons
- Posts: 2,067
- Joined: 08-January 04
- OS:XP Pro x86
-
Country:
Posted 23 January 2011 - 10:29 AM
I'm motivated to make a tutorial because we get these type of question a lot. It's pretty easily actually. You just need something like Beyond Compare.
BTW, the forum software did mess the paste up. Use the attached reg file.
BTW, the forum software did mess the paste up. Use the attached reg file.
This post has been edited by -X-: 24 January 2011 - 10:44 AM
#7
- GroupPolicy Tattoo Artist
-
- Group: Members
- Posts: 1,277
- Joined: 21-April 05
- OS:none specified
-
Country:
Posted 23 January 2011 - 12:44 PM
-X-, on 23 January 2011 - 10:29 AM, said:
I'm motivated to make a tutorial because we get these type of question a lot.
X, I think this would be very beneficial for all. I can share my experience with restoring Active Directory (or whatever it's called - the one that Nlite mentions that breaks User Accounts control panel). Few dll's and registry entries.
GL
#8
- Member
-
- Group: Patrons
- Posts: 2,067
- Joined: 08-January 04
- OS:XP Pro x86
-
Country:
Posted 23 January 2011 - 09:37 PM
OK, I threw together a how-to video on figuring out what you need to add a removed component back.
http://www.youtube.c...h?v=zqznW4e9FeQ
Watch it in full screen and at 720p so you can see what's actually going on.
http://www.youtube.c...h?v=zqznW4e9FeQ
Watch it in full screen and at 720p so you can see what's actually going on.
This post has been edited by -X-: 07 February 2013 - 03:52 PM
#9
Posted 24 January 2011 - 05:05 AM
Thank you sir! I am hoping that we could get a sticky thread with something like this in the future... because I see a lot of people asking similar kinds of questions all the time.
#10
- Member
-
- Group: Patrons
- Posts: 2,067
- Joined: 08-January 04
- OS:XP Pro x86
-
Country:
Posted 24 January 2011 - 04:07 PM
ctp9, How did adding back secondary logon go?
#11
- Group: Members
- Posts: 1
- Joined: 07-February 13
- OS:XP Pro x86
-
Country:
Posted 07 February 2013 - 05:39 AM
Hello, I know this is an old post but rather than starting a new one I thought I would try here 1st. I have done the same thing. Would you tell me where I can find the files I need to add to system32. I have searched my original XP disk and can't find them. Many thanks for your efforts
OK, found them in the RAR file and would like to report fixed error,
Many thanks
OK, found them in the RAR file and would like to report fixed error,
Many thanks
This post has been edited by TheSolyom: 07 February 2013 - 06:05 AM
Share this topic:
Page 1 of 1