Focus on Microsoft
default for requiring authentication 2003 Jun 12 2008 02:45AM
Murda Mcloud (murdamcloud bigpond com) (5 replies)
RE: default for requiring authentication 2003 Jun 12 2008 06:47PM
Matt Roca (meroca peoplecube com)
RE: default for requiring authentication 2003 Jun 12 2008 05:40PM
David LeBlanc (dleblanc mindspring com)
RE: default for requiring authentication 2003 Jun 12 2008 04:38PM
Kurt Dillard (kurtdillard msn com) (1 replies)
RE: default for requiring authentication 2003 Jun 12 2008 10:22PM
Murda Mcloud (murdamcloud bigpond com) (1 replies)
Re: default for requiring authentication 2003 Jun 13 2008 02:34AM
Kevin (rot_betruger sbcglobal net) (1 replies)
RE: default for requiring authentication 2003 Jun 17 2008 01:10AM
Murda Mcloud (murdamcloud bigpond com)
RE: default for requiring authentication 2003 Jun 12 2008 04:27PM
James D. Stallard (james leafgrove com) (1 replies)
RE: default for requiring authentication 2003 Jun 12 2008 07:33PM
Kurt Dillard (kurtdillard msn com) (1 replies)
RE: default for requiring authentication 2003 Jun 13 2008 08:43AM
James D. Stallard (james leafgrove com) (1 replies)
RE: default for requiring authentication 2003 Jun 13 2008 04:25PM
Kurt Dillard (kurtdillard msn com)
RE: default for requiring authentication 2003 Jun 12 2008 04:14PM
Cawthray, Stewart (stewart cawthray td com)
By Default on Windows Server 2003 R2 the Everyone group is given Read access to the Share.

However the Everyone group is not given NTFS rights to folder or files which are shared. So the a user could connect to the share but would not be able to see the files or access them unless they have an authenticated account which has been given NTFS rights to folder and files.

Why the Everyone group is given Share rights I can only guess is for ease of use in creating shares. If you do not use NTFS for your files systems then the Everyone Group will have access to the files.

Use NTFS!

Stewart Cawthray

-----Original Message-----
From: listbounce (at) securityfocus (dot) com [email concealed] [mailto:listbounce (at) securityfocus (dot) com [email concealed]] On Behalf Of Murda Mcloud
Sent: June-11-08 10:45 PM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: default for requiring authentication 2003

I'm having a debate with someone over whether a 2003 server by default
(OOB)forces someone to authenticate(whether to a DC or to the server itself
if standalone) before allowing access to files.

He seems to think that the default is that no authentication is required and
consequently anyone could rock up and connect a laptop to a network with
that server on it and get access to files on it-as the EVERYONE group is
given read permissions to new folders etc.

I say he is wrong but am looking hard to find something to back me up.

I understand that the guest account could access files as it is part of the
EVERYONE group but it's disabled by default-but still, there is an
authentication process for guest to login

********************
NOTICE OF CONFIDENTIALITY
This communication including any information transmitted with it is
intended only for the use of the addressees and is confidential.
If you are not an intended recipient or responsible for delivering
the message to an intended recipient, any review, disclosure,
conversion to hard copy, dissemination, reproduction or other use
of any part of this communication is strictly prohibited, as is the
taking or omitting of any action in reliance upon this communication.
If you receive this communication in error or without authorization
please notify us immediately by return e-mail or otherwise and
permanently delete the entire communication from any computer,
disk drive, or other storage medium.

If the above disclaimer is not properly readable, it can be found at
www.td.com/legal

AVERTISSEMENT DE CONFIDENTIALITE
Ce courriel, ainsi que tout renseignement ci-inclus, destiné uniquement
aux destinataires susmentionnés, est confidentiel. Si vous
n?êtes pas le destinataire prévu ou un agent responsable de la
livraison de ce courriel, tout examen, divulgation, copie, impression,
reproduction, distribution, ou autre utilisation d?une partie de ce
courriel est strictement interdit de même que toute intervention ou
abstraction à cet égard. Si vous avez reçu ce message par erreur ou
sans autorisation, veuillez en aviser immédiatement l?expéditeur par
retour de courriel ou par un autre moyen et supprimer immédiatement
cette communication entière de tout système électronique.

Si l'avis de non-responsabilité ci-dessus n'est pas lisible, vous
pouvez le consulter à www.td.com/francais/legale

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus