> Administrator is generally logged in to the machine.
That's no more meaningful than 'root is generally logged on to the
machine' would be in the *nix world.
The current interactive user can have mapped drives and network access
that service account--the user that appears in the Services control
panel as the security context under which each IMail service
runs--does not have. By default, most services run in the SYSTEM
context, which is sandboxed away from network access. You have to
change this account to allow your services to access any network file
shares. Any processes created by such a service (such as DECLUDE.EXE)
will, by default, run the same security context as the service itself
(IMail does not apply any new context to processes created by its
EXEs, but applications can be coded that way).
> I'm learning a lot more about Windows networking/file sharing than I
> wanted to just messing with these log files.
Well, shouldn't learning about Windows be a natural part of being the
admin of a Windows box? :)
> Yes, I use Explorer on the iwn2K box to map the drive. I set it to
> "log in as" Administrator to set up the share.
This still pertains merely to the interactive user's access to the
share; the "Log In As" is irrelevant for services, since it only
applies when the user connects from the console (a.k.a.
interactively). Not only do service account need to have network
access to the share, service accounts don't get assigned drive letters
by default--in other words, even if Administrator gets an F: drive
when you log in at the console, if you set up a service to run as
Administrator, the service won't see the F: drive. It will see the
\\Server\Share path, however.
> 1. How should I set up the share for it to be available if no-one is
> logged in
If an Administrator account can access the share using the same login
credentials that it uses to log on to the local machine, then it can
already access it seamlessly when a service uses the Administrator
account as its security context.
> 2. Can Declude use 'LOGFILE \\machine-name\share-name'
This is one point that I have not tested (I am generally opposed to
the whole idea of writing busy logs over SMB, as it could cripple
performance).
> 3. If 2 is YES then how does one create a UNC path that also logs in to the
> share as a specific user
There is no way to specify a security context for the UNC that is
different from the security context for the service. You set this up
in Control Panel-Services.
> 4. How can I change the permissions on the XP box where the share is
> located so it can be written to by system processes on the mail
> server. I logged in to the XP box as Administrator and get the same
> options I had as a user.
Under "share permissions," enable Full Control for the accounts you
want to grant Full Control to. By default on XP, all users are
read-only.
--Sandy
------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: [EMAIL PROTECTED]
SpamAssassin plugs into Declude!
http://www.mailmage.com/download/software/freeutils/SPAMC32/Release/
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
