Windows 2000 Active Directory reveals too much information.
From: news.tamu.edu (andrerojde2004_at_gmail.com)
Date: 11/11/04
- Previous message: Bill: "Folder Permissions Reset Themselves"
- Next in thread: Steven L Umbach: "Re: Windows 2000 Active Directory reveals too much information."
- Reply: Steven L Umbach: "Re: Windows 2000 Active Directory reveals too much information."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 11 Nov 2004 09:57:30 -0600
I installed the Windows 2000 Administration Pack on a desktop and launched
it as a regular user (no admin rights on the domain), and I was able to see
just about everything in Active Directory, like what groups exist, what the
individual settings are for all users, groups, objects. Basically
everything was visible, but actions such as reset password and create new
user were not enabled.
I looked at individual security settings for each user and seems like the
group "Everyone" and "Authenticated Users" has Read access. I read up on
Active Directory security and Microsoft says to keep the default settings.
These are the default settings.
So how do I make Active Directory not reveal so much information?
- Previous message: Bill: "Folder Permissions Reset Themselves"
- Next in thread: Steven L Umbach: "Re: Windows 2000 Active Directory reveals too much information."
- Reply: Steven L Umbach: "Re: Windows 2000 Active Directory reveals too much information."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
