Автор: Максим Коллегин
Очень хотелось бы разобраться в проблеме. Есть возможность передать нам проблемную машину?

Посовещался с представителями в московском офисе: они не смогут этого сделать ввиду закрытости системы и множества ограничений, включённых через политики в системе. В присутствии представителя компании это тоже проблематично. Остаётся надежда на «удалённое» решение путём проб.

Автор: Максим Коллегин
А что у вас в реестре по пути?
Цитата: HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA\LsaCfgFlags
Код: "LsaCfgFlags"=dword:00000001
Сделал выгрузку ветки HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\LSA:
Код:
Windows Registry Editor Version 5.00
; Values of the top-level LSA configuration key as exported by the poster.
; The comments below decode only what the exported data itself shows.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"auditbasedirectories"=dword:00000000
"auditbaseobjects"=dword:00000000
"Bounds"=hex:00,30,00,00,00,20,00,00
"crashonauditfail"=dword:00000000
"fullprivilegeauditing"=hex:00
; 1 = local accounts with a blank password are limited to console logon.
"LimitBlankPasswordUse"=dword:00000001
; 1 = LM hashes are not stored on the next password change.
"NoLmHash"=dword:00000001
; REG_MULTI_SZ (UTF-16LE). Decodes to two entries: `""` and `cpsspap`.
; Every package listed here is loaded into the LSA process.
; NOTE(review): cpsspap is presumably the CryptoPro SSP/AP; confirm against the installed product.
"Security Packages"=hex(7):22,00,22,00,00,00,63,00,70,00,73,00,73,00,70,00,61,\
00,70,00,00,00,00,00
; REG_MULTI_SZ, decodes to `scecli`.
"Notification Packages"=hex(7):73,00,63,00,65,00,63,00,6c,00,69,00,00,00,00,00
; REG_MULTI_SZ, decodes to `msv1_0`.
"Authentication Packages"=hex(7):6d,00,73,00,76,00,31,00,5f,00,30,00,00,00,00,\
00
; NOTE(review): looks like the LSA process ID at export time (0x320), i.e. volatile state rather than a setting; confirm.
"LsaPid"=dword:00000320
"LsaCfgFlagsDefault"=dword:00000000
; NOTE(review): under this key SecureBoot is believed to be the legacy SYSKEY mode,
; not the UEFI Secure Boot state; confirm before drawing conclusions from it.
"SecureBoot"=dword:00000001
"ProductType"=dword:00000004
; 1 = storing passwords and credentials for network authentication is disabled.
"disabledomaincreds"=dword:00000001
; 0 = Everyone permissions do not apply to anonymous users.
"everyoneincludesanonymous"=dword:00000000
"forceguest"=dword:00000000
; Both set to 1: anonymous enumeration of SAM accounts and shares is restricted.
"restrictanonymous"=dword:00000001
"restrictanonymoussam"=dword:00000001
; 5 = send NTLMv2 responses only; refuse LM and NTLM.
"lmcompatibilitylevel"=dword:00000005
; Credential Guard configuration: 0 = disabled, 1 = enabled with UEFI lock, 2 = enabled without lock.
; With value 1, deleting this registry value alone does not turn the feature off.
"LsaCfgFlags"=dword:00000001
; NOTE(review): the CP_ prefix suggests the default TLS SSP was replaced by a vendor-installed provider; confirm.
"Default TLS SSP"="CP_Microsoft Unified Security Protocol Provider"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders]
"MartaExtension"="ntmarta.dll"
"ProviderOrder"=hex(7):57,00,69,00,6e,00,64,00,6f,00,77,00,73,00,20,00,4e,00,\
54,00,20,00,41,00,63,00,63,00,65,00,73,00,73,00,20,00,50,00,72,00,6f,00,76,\
00,69,00,64,00,65,00,72,00,00,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\AccessProviders\Windows NT Access Provider]
"ProviderPath"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,00,6f,\
00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,5c,00,\
6e,00,74,00,6d,00,61,00,72,00,74,00,61,00,2e,00,64,00,6c,00,6c,00,00,00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Audit\PerUserAuditing]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\CachedMachineNames]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\CentralizedAccessPolicies]
"MaxDataSize"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\CentralizedAccessPolicies\CAPEs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\CentralizedAccessPolicies\CAPs]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ComponentUpdates]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ComponentUpdates\Privileges]
"01F9BAE5-4C53-4339-A356-40E5B3A3E577"="PrivilegeAdd;S-1-5-80-3169285310-278349998-1452333686-3865143136-4212226833;SeServiceLogonRight"
"C4C85B72-59EB-4DDB-9EF0-ECF40A264FF5"="PrivilegeAdd;S-1-5-80-3169285310-278349998-1452333686-3865143136-4212226833;SeSystemTimePrivilege"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ComponentUpdates\SecurityInstallationProvider]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\ComponentUpdates\SecurityInstallationProvider\S-1-5-19]
"Group1"=hex:01,09,00,00,00,00,00,05,20,00,00,00,57,96,d8,16,cd,3d,b8,c7,3a,b6,\
ab,6d,68,2e,79,6c,5e,fa,8b,5d,5a,10,40,fa,97,46,b3,04,43,7c,42,54
"Group2"=hex:01,09,00,00,00,00,00,05,20,00,00,00,1b,ca,59,79,65,09,e3,10,7a,29,\
f9,cb,59,19,d9,d5,99,a9,a7,2d,95,44,da,b4,72,8f,4a,d3,0b,d9,30,24
"Group3"=hex:01,09,00,00,00,00,00,05,20,00,00,00,17,88,1e,da,76,47,80,88,33,2f,\
11,43,fe,50,53,db,3e,dc,12,4d,18,f4,00,81,7d,92,f5,69,57,9b,bb,9a
"Group4"=hex:01,09,00,00,00,00,00,05,20,00,00,00,50,2e,b3,00,38,03,9d,7d,04,d9,\
3a,cd,69,6f,76,f6,dc,95,e8,e4,46,fa,83,df,6f,5b,17,e5,ad,34,fe,27
"Group5"=hex:01,09,00,00,00,00,00,05,20,00,00,00,b0,77,0a,d2,9d,e6,0f,68,03,6b,\
55,2f,52,ef,49,28,b4,ba,56,6f,c7,e5,57,74,90,ab,44,42,8e,32,58,7a
"Group6"=hex:01,09,00,00,00,00,00,05,20,00,00,00,92,df,b7,58,f1,cd,0f,33,ea,60,\
53,5a,51,db,4c,52,3e,8b,7f,b1,f2,8f,d1,84,04,9f,d0,34,92,93,09,a7
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp]
"DebugLogLevel"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentials]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsDomain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsWhenNTLMOnly]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowDefaultCredentialsWhenNTLMOnlyDomain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentials]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsDomain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnly]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowFreshCredentialsWhenNTLMOnlyDomain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentials]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentialsDomain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentialsWhenNTLMOnly]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\AllowSavedCredentialsWhenNTLMOnlyDomain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\DenyDefaultCredentials]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\DenyDefaultCredentialsDomain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\DenyFreshCredentials]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\DenyFreshCredentialsDomain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\DenySavedCredentials]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Credssp\PolicyDefaults\DenySavedCredentialsDomain]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Data]
"Pattern"=hex:b5,1b,35,d6,47,62,53,1d,c1,34,73,9f,a9,14,4b,ba
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\DPL]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\FipsAlgorithmPolicy]
"Enabled"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\GBG]
"GrafBlumGroup"=hex:65,fc,df,fe,6f,af,30,48,81
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\JD]
"Lookup"=hex:7c,bd,eb,f2,50,37
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Domains]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\HostToRealm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Kerberos\Parameters]
"MaxPacketSize"=dword:00000001
"MaxTokenSize"=dword:0000ffff
"FreshnessOptimism"=dword:00000000
; NTLM (MSV1_0 authentication package) settings as exported by the poster.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0]
"Auth132"="IISSUBA"
; 0x20000000 = require 128-bit encryption for NTLM SSP sessions.
; The NTLMv2 session security bit (0x00080000) is not set in either value.
"NtlmMinClientSec"=dword:20000000
"NtlmMinServerSec"=dword:20000000
; Machine-specific binary blob; part of it decodes to the ASCII string "NtlmRootSecret".
; NOTE(review): presumably key material tied to Credential Guard (isolated credentials).
; Treat it as sensitive and redact it before sharing an export publicly; confirm its exact protection.
"IsolatedCredentialsRootSecret"=hex:92,00,00,00,00,00,00,00,0e,00,00,00,64,00,\
00,00,01,00,00,00,01,01,00,00,01,00,00,00,20,aa,d7,1c,ea,dd,ff,4d,92,01,d9,\
43,c4,38,d8,c1,0f,ee,8d,ee,b0,2d,3b,da,b5,22,d7,61,03,72,0c,64,36,12,69,36,\
60,ee,9c,09,8a,96,b7,27,35,a2,fe,cc,01,00,00,00,00,00,00,00,00,00,00,00,00,\
00,00,00,01,00,00,00,20,00,00,00,4e,74,6c,6d,52,6f,6f,74,53,65,63,72,65,74,\
2d,a0,81,64,74,37,1e,73,e3,7d,2f,69,41,9d,37,bf,d9,d1,23,58,d0,66,1b,48,6b,\
b7,8e,77,8c,4c,57,38
; 1 = NULL session fallback is allowed for LocalSystem NTLM authentication.
"allownullsessionfallback"=dword:00000001
; 2 = audit incoming NTLM traffic for all accounts.
"auditreceivingntlmtraffic"=dword:00000002
; 1 = outgoing NTLM traffic to remote servers is audited, not blocked (2 would deny it).
"restrictsendingntlmtraffic"=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\OfflineLSA]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\OfflineLSA\DBOptions]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\OfflineSAM]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\OfflineSAM\DBOptions]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\OSConfig]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\pku2u]
"allowonlineid"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Skew1]
"SkewMatrix"=hex:14,8e,78,60,6f,e4,ac,21,0e,80,ef,70,16,50,0f,2d
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SSO\Passport1.4]
"SSOURL"="http://www.passport.com"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache]
"Time"=hex:62,76,d3,60,3e,3e,d8,01
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\SspiCache\credssp.dll]
"Name"="CREDSSP"
"Comment"="Microsoft CredSSP Security Provider"
"Capabilities"=dword:00810733
"RpcId"=dword:0000ffff
"Version"=dword:00000001
"TokenSize"=dword:000161c7
"Time"=hex:ac,f6,dd,fc,38,3e,d8,01
"Type"=dword:00000021
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\Tracing]