RE: default for requiring authentication 2003



Thanks to all for the clarification and the links. He sounded so convinced
that I doubted myself.

Kurt wrote;
Your nemesis is thinking of older versions of Windows.

Bwahaha! Moriarty is foiled again...through the deductive powers of the
security focus list...

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On Behalf Of Kurt Dillard
Sent: Friday, June 13, 2008 2:39 AM
To: 'Murda Mcloud'; focus-ms@xxxxxxxxxxxxxxxxx
Subject: RE: default for requiring authentication 2003

Murda,
You are correct, in Windows XP, 2003, and later the Everyone group only
includes Authenticated Users, it no longer includes Anonymous Users. You
can
change this but Microsoft strongly recommends against doing so. Your
nemesis
is thinking of older versions of Windows.

Kurt

-----Original Message-----
From: listbounce@xxxxxxxxxxxxxxxxx [mailto:listbounce@xxxxxxxxxxxxxxxxx]
On
Behalf Of Murda Mcloud
Sent: Wednesday, June 11, 2008 11:45 PM
To: focus-ms@xxxxxxxxxxxxxxxxx
Subject: default for requiring authentication 2003


I'm having a debate with someone over whether a 2003 server by default
(OOB)forces someone to authenticate(whether to a DC or to the server
itself
if standalone) before allowing access to files.



He seems to think that the default is that no authentication is required
and
consequently anyone could rock up and connect a laptop to a network with
that server on it and get access to files on it-as the EVERYONE group is
given read permissions to new folders etc.



I say he is wrong but am looking hard to find something to back me up.

I understand that the guest account could access files as it is part of
the
EVERYONE group but it's disabled by default-but still, there is an
authentication process for guest to login





Relevant Pages