How can add the Well known SID ?

**blackwingcat** · December 8, 2012

Windows XP is extended Wellknown SID

S-1-5-19 NT AUTHORITY\LOCAL SERVICE

S-1-5-20 NT AUTHORITY\NETWORK SERVICE

how can add these SID on Windows 2000 ?

I try to add registory

HKEY_LOCAL_MACHINE\SECURITY\Policy\Accounts\S-1-5-19

HKEY_LOCAL_MACHINE\SECURITY\Policy\Accounts\S-1-5-20

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20

But no effect.

Are there any ideas ?

**allen2** · December 8, 2012

Just an idea : Did you also tried to replace the whole security hive from an xp (perhaps with also the SAM hive) ?

**blackwingcat** · December 9, 2012

Just an idea : Did you also tried to replace the whole security hive from an xp (perhaps with also the SAM hive) ?

Result: Security error. Windows 2000 can't boot.

Thx

**Phenomic** · December 13, 2012

Have you tried \system32\regedt32.exe > Security > Permissions ?

**blackwingcat** · December 13, 2012

Have you tried \system32\regedt32.exe > Security > Permissions ?

Hi,

Windows 2000 does not have "NT Authority\LocalService" and "NT Authority\NetworkService" which is username.

So I want to create them.

**allen2** · December 13, 2012

I can't be sure but if it is hard coded somewhere it should be in Lsasrv.dll as it is the dll used for most security things.

**dencorso** · December 13, 2012

I try to add to registry
HKEY_LOCAL_MACHINE\SECURITY\Policy\Accounts\S-1-5-19
HKEY_LOCAL_MACHINE\SECURITY\Policy\Accounts\S-1-5-20
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-19
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\ProfileList\S-1-5-20
But no effect.

Did you try it from outside Win 2k... say, by booting a Win PE CD, then importing the relevant hive, adding the users to it, and saving it back?

**blackwingcat** · December 14, 2012

Umm...

When I access XP Driver from Windows 2000, I can't find LocalService and NetworkService folders in C:\Documents and Settings\.

Are anyone know the reason ?

**dencorso** · December 14, 2012

They are hidden by default. If you're working with XP on NTFS, you'll need to take ownership of everything from Documents and Settings downwards... Your life would be much easier if you were working with XP on FAT-32...

**blackwingcat** · December 14, 2012

Of course I set "system super hidden folder shown" folder option.

There are not these folders physically

They are hidden by default. If you're working with XP on NTFS, you'll need to take ownership of everything from Documents and Settings downwards... Your life would be much easier if you were working with XP on FAT-32...

**Phenomic** · December 14, 2012

Have you tried opening the System hive off-line from another instance of Win2k or XP?

REG.EXE load "HKLM\_offline_" ...\system

Then it's just a database.

**jimmsta** · December 15, 2012

The issue is that on XP+ there are folders with ntuser.dat registry hives dedicated to these hidden users - on 2000, that's not the case. 2000 doesn't have these users nor their corresponding ntuser.dat hives. As such, some form of registry redirection will need to take place to handle applications that try to write to the 'hidden' service hives. I have no idea how BWC will get this working on 2000. As far as I know, those users/hives aren't used by anything but Windows core services - adding the users themselves to the registry is only one part of the equation.

Sign In

How can add the Well known SID ?

Recommended Posts

blackwingcat

allen2

blackwingcat

Phenomic

blackwingcat

allen2

dencorso

blackwingcat

dencorso

blackwingcat

Phenomic

jimmsta

Create an account or sign in to comment

Create an account

Sign in

Recently Browsing 0 members

Activity

Browse