Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

LDMS 6.1 security and also SMS

0 views
Skip to first unread message

Scott Oliver

unread,
Jul 14, 1998, 3:00:00 AM7/14/98
to
I have two issues that I would greatly appreciate any help with:

Could you please tell me where I could find information about using Microsoft's
SMS and LDSM 6.1 for network management. I printed out an article from the
Intel site titled "Centralized control for managing networked PC's", but this
article only states that it is possible to integrate the two products.

Currently we are having a problem with security through LDMS. It seems that the
LDMS 6.1 software can't perform any application pushes without the user having
administrative rights on their local NT 4.0 machine. We get an error message
pertaining to insufficient rights to write to the registry. The workaround seems to
be installing the Intranetware 4.11a client on all NT 4.0 desktops and
having our Novell 4.11 tree control the users rights by temporarily applying
administrative rights to the user and then taking them away after the
application push has been completed. This seems to be a very time consuming way of
of getting this to work! Any help would be greatly appreciated.

Thanks,
Scott

Not a support person

unread,
Jul 14, 1998, 3:00:00 AM7/14/98
to
NT users most emphatically do not require admin rights to receive push (or even pull) packages. This is because the packages are installed by an agent running as an NT service, not by the logged in user. Packages can even be pushed when nobody is logged in.

The only way that I know of to get an error message about insufficient rights to write to the registry is when you execute the package manually, without using the push or the pull mechanism.

Perhaps it would help if you described precisely how you are using sw distribution and what error message you are getting when and where.

Scott Oliver

unread,
Jul 15, 1998, 3:00:00 AM7/15/98
to
I appreciate the response regarding my LDMS security question, but is this
documented anywhere, so that I could show the information to our Novell staff?

I just need this to be official from Intel regarding how the LDSM pushes the
applications out to machines. If what you are saying is true, then the need
for the Intranetware client 4.11a on all of our NT 4.0 desktops is moot.

Any information is greatly appreciated

Thanks,

Scott

Jan B

unread,
Jul 15, 1998, 3:00:00 AM7/15/98
to
I can't pinpoint a particular page in the manual that says how a push really works. But seeing is believing, why don't do a simple test/demo such as the following:

* Build a snapshot package that modifies a registry key that is normally protected, such as hkey_local_machine\software\microsoft\windows\currentversion\runonce (create a string value with an arbitrary name and value some program name such as "notepad").
* Convince yourself that a non-privileged user is denied the right to modify this key.
* Push the package to an NT client with nobody logged in (or with a non-privileged user logged in, doesn't make a difference)
* Convince yourself that the package has worked

Two further hints while you're trying the above:
* Before you distribute the same package to the same client a second time, you need to remove it first, otherwise you get the "back-to-back distributions not supported" error.
* Need to make sure users have the same rights to the packages directory (SYS:Intel\DTM\SWDIST by default) and the targets directory (SYS:Intel\DTM\SWDIST\targets by default) that user LANDESK_SD_CLIENT has. Otherwise distribution will fail when a user is logged in.

Disclaimer: I am not a support engineer and I participate in this forum on a goodwill basis only. Views expressed in my postings are my own and not those of intel.

0 new messages