G
Guest
I recently installed Fax Services on a Windows Server 2003 Domain Controller
(not SBS). I have been able to fax using the shared fax printer from the
server as well as from several workstations. Finally, I rolled out the
shared fax printer to all workstations on the network and have noticed that
whenever a user tries to fax from their workstation, it never makes it to the
outgoing fax queue. I did some testing, and I was only able get faxes to the
outgoing fax queue when I made the user a member of the DOMAIN\Administrators
security group. Although it works, for obvious reasons, it scares me to have
users running around the network with these kinds of privileges.
When a user tries to fax using their standard network permissions (where the
fax never makes it to the outgoing fax queue) I see the following events
generated in the System Event log on the server:
ID 11: Document # Fax Note owned by %username% was paused on Fax
ID 12: Document # Fax Note owned by %username% was resumed on Fax
ID 13: Document # Fax Note owned by %username% was deleted on Fax
When I send a fax to the shared fax printer as a member of the
DOMAIN\Administrators security group, I typically see the following series of
evens in the System Event log on the server:
ID 11: Document # Fax Note owned by %username% was paused on Fax
ID 12: Document # Fax Note owned by %username% was resumed on Fax
ID 10: Document # owned by NETWORK SERVICE was printed on Fax via port
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows
NT\MSFax\Queue\%filename%.tmp
ID 13: Document # Fax Note owned by %username% was deleted on Fax
For some reason it seems that when the user is not a member of the
DOMAIN\Administrators security group, the fax is never submitted by the
NETWORK SERVICE account. Is there some place where I am missing a
permissions configuration? I have already granted the EVERYONE group full
privileges in the Fax Service Manager as well as on the shared fax printer.
Thanks so much!
(not SBS). I have been able to fax using the shared fax printer from the
server as well as from several workstations. Finally, I rolled out the
shared fax printer to all workstations on the network and have noticed that
whenever a user tries to fax from their workstation, it never makes it to the
outgoing fax queue. I did some testing, and I was only able get faxes to the
outgoing fax queue when I made the user a member of the DOMAIN\Administrators
security group. Although it works, for obvious reasons, it scares me to have
users running around the network with these kinds of privileges.
When a user tries to fax using their standard network permissions (where the
fax never makes it to the outgoing fax queue) I see the following events
generated in the System Event log on the server:
ID 11: Document # Fax Note owned by %username% was paused on Fax
ID 12: Document # Fax Note owned by %username% was resumed on Fax
ID 13: Document # Fax Note owned by %username% was deleted on Fax
When I send a fax to the shared fax printer as a member of the
DOMAIN\Administrators security group, I typically see the following series of
evens in the System Event log on the server:
ID 11: Document # Fax Note owned by %username% was paused on Fax
ID 12: Document # Fax Note owned by %username% was resumed on Fax
ID 10: Document # owned by NETWORK SERVICE was printed on Fax via port
C:\Documents and Settings\All Users\Application Data\Microsoft\Windows
NT\MSFax\Queue\%filename%.tmp
ID 13: Document # Fax Note owned by %username% was deleted on Fax
For some reason it seems that when the user is not a member of the
DOMAIN\Administrators security group, the fax is never submitted by the
NETWORK SERVICE account. Is there some place where I am missing a
permissions configuration? I have already granted the EVERYONE group full
privileges in the Fax Service Manager as well as on the shared fax printer.
Thanks so much!