RE: RE: [tme10] [FW] MS04-011 causing Tivoli user rights to disappear?

I was just checking into our builds and we do have this patch installed and we 
are not seeing this problem.

----------------------------------------------
Martin Carnegie
ATCO I-Tek
Phone: 780.420.5068
Pager: 780.671.2895
mailto:martin.carnegie-Pu0lXx3ZBK1Wk0Htik3J/w@xxxxxxxxxxxxxxxx
----------------------------------------------

The information transmitted is intended only for the addressee and may contain 
confidential, proprietary and/or privileged material. Any unauthorized review, 
distribution or other use of or the taking of any action in reliance upon this 
information is prohibited. If you receive this in error, please contact the 
sender and delete or destroy this message and any copies.


-----Original Message-----
From: owner-tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx 
[mailto:owner-tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx] On Behalf Of Pablo 
Wolinski
Sent: Friday, April 30, 2004 12:12 PM
To: tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx
Subject: RE: [tme10] RE: [tme10] [FW] MS04-011 causing Tivoli user rights to 
disappear?


Hi Gus!

If you are having troubles with permissions and are using FW411 consider using
the new switches added in the last version of the Endpoint Code: 

repair_accts=TRUE
repair_tap=TRUE 

Example: wep $ep set_config repair_accts=TRUE

"The repair_accts switch directs the endpoint to run "ntconfig -e" (now
installed in %LCF_BINDIR%) which checks the validity of the tmersrvd account
and Tivoli_Admin_Privileges group. It will create them if they don't exist and
set the required privileges if they are missing. It also grants tmersrvd
read/execute permission in 
%SystemRoot%\System32 if this is missing."

"The repair_tap switch directs the endpoint to ensure that
%SystemRoot%\System32\TivoliAP.dll exists (if not it is copied from
%LCF_BINDIR%) and runs "wlcftap -a" to ensure that it is properly registered.
These actions are performed during lcfd service startup, so any repairs made
will not have any effect until the next system boot."

Nice options... :-)

Regards,

Pablito.

-----Original Message-----
From: owner-tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx 
[mailto:owner-tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx] On
Behalf Of David M. Funk
Sent: Friday, April 30, 2004 12:50
To: tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx
Subject: RE: [tme10] RE: [tme10] [FW] MS04-011 causing Tivoli user rights to
disappear?

If these endpoints have $LCFDIR\bin\w32-ix86\mrt\libacct60.dll and
$LCFDIR\bin\w32-ix86\mrt\ntconfig.exe

You can run ntconfig.exe to restore the tivoli accounts

If not, copy these files to that directory and then run the ntconfig.exe cmd.

You can find ntconfig on your TMR:
$BINDIR/../lcf_bundle.4100/bin/w32-ix86/endpoint/ntconfig.exe
Libacct60.dll:
$BINDIR/../lcf_bundle.4100/lib/w32-ix86/libacct60.dll

Also, check if c:\[winnt|windows]\system32\TivoliAP.dll exists If not, you
have to copy it there and run:

$LCFDIR\bin\w32-ix86\mrt\wlcftap -a

HTH,
David M. Funk
President/CEO

Enterprise Mgmt Consultant and e-Business Expert Specializing in Network and
Systems Management Solutions

Trinity Solutions           
604 Cassandra Dr.        
Cranberry Twp., PA 16066

Phone:724-316-0721                    
Fax:    724-772-7889 
email: mfunk-4BPVbDjIjbMYHSwlGLmu7A@xxxxxxxxxxxxxxxx
http://www.trinitysol.net



-----Original Message-----
From: owner-tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx 
[mailto:owner-tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx]
On Behalf Of gunnar.svanberg-tQ0j8nVVjSY@xxxxxxxxxxxxxxxx
Sent: Friday, April 30, 2004 1:41 AM
To: tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx
Subject: RE: [tme10] RE: [tme10] [FW] MS04-011 causing Tivoli user rights to
disappear?


Hi Niclas

Look at the user rights for tmersvrd and Tivoli_Admin_Privileges. For us they
had all gone on some but not all servers. Still investigating as we speak...

I will update the list once I've figured out what is going on....

/Gus

-----Original Message-----
From: owner-tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx 
[mailto:owner-tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx]
On Behalf Of Niclas Nilsson
Sent: den 29 april 2004 16:56
To: tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx
Subject: [tme10] RE: [tme10] [FW] MS04-011 causing Tivoli user rights to
disappear?

We have applied this patch. 
Today we discovered problems with failing Framework patch installation.
Maybe the MS patch is the problem.... have to look into this. Thanks for the
tip. Regards niclas



-----Ursprungligt meddelande-----
Från: gunnar.svanberg-tQ0j8nVVjSY@xxxxxxxxxxxxxxxx
Skickat: 2004-04-29  16:38:59
Till: tme10-XtjxT7Vmt5b1ENwx4SLHqw@xxxxxxxxxxxxxxxx
Ämne: [tme10] [FW] MS04-011 causing Tivoli user  rights to disappear?


> 
> Hello list.
> 
> Has anyone seen problems with Microsoft security patch MS04-011 after 
> reboot of ep?
> 
> Our Windows team is patching like never before and on some servers the

> user rights that the ep relies on are removed after reboot!!!!
> 
> This is bad news, since we can no longer run RC, tasks etc. on the 
> ep's. We are still trying to do some damage control around here to 
> analyze what is going on.
> 
> Luckily ITM seems unaffected at the moment but we have just this 
> afternoon start to study this problem.
> 
> Our Windows folks says that this is a VERY serious security threat and

> I would guess that this means that more customers will be applying 
> this patch this week???
> 
> 
> /Gus