Re: DCOM access from a different domain (yes another accessdenied question)

Hi Graham,

Below is the feedback I got from internal consulting:

In Window Server 2003:

1. The guest account is disabled by default -- no anonymous logon.
2. Restrict Anonymous access is enabled.

Anonymous logon does not work unless you enable the Guest account in Server
2003 -- A serious security RISK. Not recommended.

Disabling Restrict Anonymous access opens up the server to a higher
potential for compromise -- anyone can read the list of users accounts and
attempt a dictionary password attack.

An unprivileged user account with a password assigned on the required
permissions would be a better choice in this situation.

Hope this helps

Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

.

Relevant Pages

  • Re: Same question, still no answer!!!
    ... You'd be happier buying Win 2000 Server. ... > to use) but the other 4 pc's all only share a "temp" folder. ... > Expectation #1) keep the ethernet more or less as is. ... > this Guest account just moves the problem to item #2. ...
    (microsoft.public.windowsxp.basics)
  • Re: Same question, still no answer!!!
    ... These are the results of group policy, ie what it does to the machine. ... You'd be happier buying Win 2000 Server. ... > Expectation #1) keep the ethernet more or less as is. ... > this Guest account just moves the problem to item #2. ...
    (microsoft.public.windowsxp.basics)
  • Re: SBS 2003 server sharing a folder to a non authenticated user or device (can it be done?)
    ... Plus exchange and SQL do consume quite a bit of non-paged pool and this has the effect of making the server cough occasionally, you only see this at high IO times. ... What you MUST be aware of the the whapping security hole the guest account will drive into your network. ... Someone must have done an impact analysis for enabling the guest account on a default SBS install.. ... authentication and will use Exchange ...
    (microsoft.public.windows.server.sbs)
  • Re: New Microsoft Exchange Server Vulnerability
    ... It requires the guest account be turned on, and that the smtp virtual server ... visitors use a mail server anonymously, but because of security issues, the ... most highly-anticipated industry event of the year. ...
    (Focus-Microsoft)
  • Re: Anonymous folder access
    ... server to run a computer inventory/help desk solution called Track-It. ... but to do that each user would have to have access to the shares on ... for disaster as anyone that can reach the machine on the network ... One is to enable the Guest account ...
    (microsoft.public.windows.server.security)