Services Are Not Listed in the Security Configuration and Analysis Snap-in

Hotfix Download Available
View and request hotfix downloads

View products that this article applies to.

This article was previously published under Q321933

SYMPTOMS

When you use the Security Configuration and Analysis snap-in in Microsoft Management Console (MMC), the list of services in the System Services folder may be empty.

Back to the top

CAUSE

An interactive user does not have Full Control permissions for all services. The minimum permissions that a user requires to view the list should be Read.

Back to the top

RESOLUTION

Service Pack Information

To resolve this problem, obtain the latest service pack for Microsoft Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 (http://support.microsoft.com/kb/260910/EN-US/ ) How to Obtain the Latest Windows 2000 Service Pack

Back to the top

Hotfix Information

A supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem.

If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, submit a request to Microsoft Customer Service and Support to obtain the hotfix.

Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:

http://support.microsoft.com/contactus/?ws=support (http://support.microsoft.com/contactus/?ws=support)

Note The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language. The English version of this fix should have the following file attributes or later:

   Date         Time   Version        Size     File name
   --------------------------------------------------------
   08-May-2002  11:33  5.0.2195.5655  123,664  Adsldp.dll
   08-May-2002  11:33  5.0.2195.5655  130,832  Adsldpc.dll
   08-May-2002  11:33  5.0.2195.5725   62,736  Adsmsext.dll
   08-May-2002  11:33  5.0.2195.5720  357,648  Advapi32.dll
   08-May-2002  11:33  5.0.2195.5595  135,952  Dnsapi.dll
   08-May-2002  11:33  5.0.2195.5595   96,016  Dnsrslvr.dll
   08-May-2002  11:33  5.0.2195.5722   45,328  Eventlog.dll
   08-May-2002  11:33  5.0.2195.5639  146,192  Kdcsvc.dll
   22-Apr-2002  13:24  5.0.2195.5640  199,952  Kerberos.dll
   02-May-2002  15:44  5.0.2195.5724   71,024  Ksecdd.sys
   07-May-2002  11:40  5.0.2195.5744  504,080  Lsasrv.dll
   07-May-2002  11:40  5.0.2195.5744   33,552  Lsass.exe
   07-Dec-2001  17:05  5.0.2195.4745  107,280  Msv1_0.dll
   08-May-2002  11:33  5.0.2195.5626  306,960  Netapi32.dll
   08-May-2002  11:33  5.0.2195.5723  360,208  Netlogon.dll
   08-May-2002  11:33  5.0.2195.5719  916,752  Ntdsa.dll
   08-May-2002  11:33  5.0.2195.5585  386,832  Samsrv.dll
   08-May-2002  11:33  5.0.2195.5757  128,784  Scecli.dll
   08-May-2002  11:33  5.0.2195.5757  299,792  Scesrv.dll
   04-May-2002  13:34  5.0.2195.5736   62,464  Sp3res.dll
   08-May-2002  11:33  5.0.2195.5677   48,912  W32time.dll
   25-Apr-2002  16:15  5.0.2195.5677   57,104  W32tm.exe
   08-May-2002  11:33  5.0.2195.5737  125,712  Wldap32.dll
   07-May-2002  11:40  5.0.2195.5744  504,080  Lsasrv.dll

Back to the top

WORKAROUND

To work around this problem, select a user to be responsible for configuring security on services. Grant that user Full Control permissions for all services. Make sure that the Everyone group has Read permissions and that the System account has Full Control permissions.

Back to the top

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Microsoft Windows 2000 Service Pack 4.

Back to the top

MORE INFORMATION

The list of services may still be empty after you apply this hotfix if the interactive user does not have a minimum of Read permissions to all services. This behavior is by design. When you apply permissions for services, make sure that the Everyone group has Read permissions and that the System account has Full Control permissions. You can use additional permissions to control which users can start, stop, or configure services.

To set Read permissions for all services, use the Security Templates snap-in to create a template with the correct permissions for all services, and then apply the template to the computer by using the Security Configuration and Analysis snap-in. Or, you can use the Sc.exe tool (from the Microsoft Windows 2000 Resource Kit) with the /sdset switch to manually configure permissions for each service.

For additional information about how to obtain a hotfix for Windows 2000 Datacenter Server, click the article number below to view the article in the Microsoft Knowledge Base:

265173 (http://support.microsoft.com/kb/265173/EN-US/ ) The Datacenter Program and Windows 2000 Datacenter Server Product

For additional information about how to install multiple hotfixes with only one reboot, click the article number below to view the article in the Microsoft Knowledge Base:

296861 (http://support.microsoft.com/kb/296861/EN-US/ ) Use QChain.exe to Install Multiple Hotfixes with One Reboot

Back to the top