Article ID: 321933 - View products that this article applies to.
This article was previously published under Q321933
This article has been archived. It is offered "as is" and will no longer be updated.
When you use the Security Configuration and Analysis snap-in in Microsoft Management Console (MMC), the list of services in the System Services folder may be empty.
An interactive user does not have Full Control permissions for all services. The minimum permissions that a user requires to view the list should be Read.
Service Pack InformationTo resolve this problem, obtain the latest service pack for Microsoft Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/260910/EN-US/ )How to Obtain the Latest Windows 2000 Service Pack
Hotfix InformationA supported hotfix is available from Microsoft. However, this hotfix is intended to correct only the problem that is described in this article. Apply this hotfix only to systems that are experiencing this specific problem.
If the hotfix is available for download, there is a "Hotfix download available" section at the top of this Knowledge Base article. If this section does not appear, submit a request to Microsoft Customer Service and Support to obtain the hotfix.
Note If additional issues occur or if any troubleshooting is required, you might have to create a separate service request. The usual support costs will apply to additional support questions and issues that do not qualify for this specific hotfix. For a complete list of Microsoft Customer Service and Support telephone numbers or to create a separate service request, visit the following Microsoft Web site:
http://support.microsoft.com/contactus/?ws=supportNote The "Hotfix download available" form displays the languages for which the hotfix is available. If you do not see your language, it is because a hotfix is not available for that language. The English version of this fix should have the following file attributes or later:
Date Time Version Size File name -------------------------------------------------------- 08-May-2002 11:33 5.0.2195.5655 123,664 Adsldp.dll 08-May-2002 11:33 5.0.2195.5655 130,832 Adsldpc.dll 08-May-2002 11:33 5.0.2195.5725 62,736 Adsmsext.dll 08-May-2002 11:33 5.0.2195.5720 357,648 Advapi32.dll 08-May-2002 11:33 5.0.2195.5595 135,952 Dnsapi.dll 08-May-2002 11:33 5.0.2195.5595 96,016 Dnsrslvr.dll 08-May-2002 11:33 5.0.2195.5722 45,328 Eventlog.dll 08-May-2002 11:33 5.0.2195.5639 146,192 Kdcsvc.dll 22-Apr-2002 13:24 5.0.2195.5640 199,952 Kerberos.dll 02-May-2002 15:44 5.0.2195.5724 71,024 Ksecdd.sys 07-May-2002 11:40 5.0.2195.5744 504,080 Lsasrv.dll 07-May-2002 11:40 5.0.2195.5744 33,552 Lsass.exe 07-Dec-2001 17:05 5.0.2195.4745 107,280 Msv1_0.dll 08-May-2002 11:33 5.0.2195.5626 306,960 Netapi32.dll 08-May-2002 11:33 5.0.2195.5723 360,208 Netlogon.dll 08-May-2002 11:33 5.0.2195.5719 916,752 Ntdsa.dll 08-May-2002 11:33 5.0.2195.5585 386,832 Samsrv.dll 08-May-2002 11:33 5.0.2195.5757 128,784 Scecli.dll 08-May-2002 11:33 5.0.2195.5757 299,792 Scesrv.dll 04-May-2002 13:34 5.0.2195.5736 62,464 Sp3res.dll 08-May-2002 11:33 5.0.2195.5677 48,912 W32time.dll 25-Apr-2002 16:15 5.0.2195.5677 57,104 W32tm.exe 08-May-2002 11:33 5.0.2195.5737 125,712 Wldap32.dll 07-May-2002 11:40 5.0.2195.5744 504,080 Lsasrv.dll
To work around this problem, select a user to be responsible for configuring security on services. Grant that user Full Control permissions for all services. Make sure that the Everyone group has Read permissions and that the System account has Full Control permissions.
Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Microsoft Windows 2000 Service Pack 4.
The list of services may still be empty after you apply this hotfix if the interactive user does not have a minimum of Read permissions to all services. This behavior is by design. When you apply permissions for services, make sure that the Everyone group has Read permissions and that the System account has Full Control permissions. You can use additional permissions to control which users can start, stop, or configure services.
To set Read permissions for all services, use the Security Templates snap-in to create a template with the correct permissions for all services, and then apply the template to the computer by using the Security Configuration and Analysis snap-in. Or, you can use the Sc.exe tool (from the Microsoft Windows 2000 Resource Kit) with the /sdset switch to manually configure permissions for each service.
For additional information about how to obtain a hotfix for Windows 2000 Datacenter Server, click the article number below to view the article in the Microsoft Knowledge Base:
265173For additional information about how to install multiple hotfixes with only one reboot, click the article number below to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/265173/EN-US/ )The Datacenter Program and Windows 2000 Datacenter Server Product
(http://support.microsoft.com/kb/296861/EN-US/ )Use QChain.exe to Install Multiple Hotfixes with One Reboot
Article ID: 321933 - Last Review: October 26, 2013 - Revision: 3.0