SBS 2000 accounts security settings

From: Perikles P. Mourikis (mourikis@dreamtech.gr)
Date: 06/03/02


Date: Mon, 3 Jun 2002 14:21:06 +0300
From: "Perikles P. Mourikis" <mourikis@dreamtech.gr>
To: <focus-ms@securityfocus.com>

I have noticed that Microsoft's product Small Business Server 2000 (SBS 2000) has the "Guest" template group being a member of Domain Guests , Guests and Domain Users.
Also ISR_MACHINE and IWAM_MACHINE are members of Domain Users and Guests.
Does anybody knows any known issues with removing the Domain Users membership from these accounts?
Are there any known exploits of this configuration? (assuming the SBS 2000 is patched properly...)

TIA
Perikles