Re: windows new users?


of course they are there if you executed the command because those 2
accounts are still there in your system.

For me, I going to delete them away unless some windows programmer or real
experts can SPECIFICALLY some RREEAAAAALLLLLY SPECIAL
reason(s)(which most likely I don't think it will have becuase they ONLY
THING they do is to allow someone who know the password of the accounts, or
the creator, to login to the system), most likely I would think it as a big
security issue and advise everyone else to delete them away.


"John John - MVP" wrote:

Sorry, my mistake, they are members of the "Users" group. But the
information is still the same, if you remove these users you will run
into problems sooner or later. These accounts are on all my XP
machines, they're not a result of virus activity. This is the output of
the 'net localgroup users' command on my machine:

Alias name users
Comment Users are prevented from making accidental or intentional
system-wide changes. Thus, Users can run certified applications, but
not most legacy applications

Members

-------------------------------------------------------------------------------
ASPNET
NT AUTHORITY\Authenticated Users
NT AUTHORITY\INTERACTIVE
The command completed successfully.

John

cscw wrote:
Hi

Thanks John. However, the 2 accounts that I mentioned abv is some username
and not a group. It appear as a username and not a group although it is named
"userS" in the account name and they are security principal identifier
accounts..

Is there a possibly that it is a bugs or virusby by coincident(cos the
account is named "nt authority(some domain)\"username"(realusers\security
principal)?

Does everyone else here have these 2 username accounts in windows xp/windows
server 2003 sp2 and abv?

Can the experts here advise me SPECIFICALLY on where are they used for?

Thanks for the help.

"John John - MVP" wrote:

Sooner or later you *will* have problems with your Server 2003
installation if you remove these groups, you will have problems with
many of your server tools if the Authenticated Users group is not
present. With the ever increasing push to secure and lock down machines
those without the Authenticated Users group will hit into a brick wall!
On Vista and Server 2008 removing the Authenticated users may prevent
Explorer.exe from starting. On Windows XP some remote services will not
work, for example you will not be able to receive remote assistance if
you remove the Authenticated Users group. This Authenticated Users
group was created to plug security holes with the Null Sessions, see
here for more explanations:

http://www.microsoft.com/msj/0299/security/security0299.aspx
Security Briefs Q&A, MSJ February 1999

John

cscw wrote:
hi

[Quote]
The Authenticated Users group is the same as the Everyone group except it >does not contain anonymous users.
[end quote]

http://tinyurl.com/l5m8bv

John
Are you sure? I want to know WHY microsoft is configuring that that 2 type
of users(which look a group since it is named as "authenticated
users"/"interactive" but is actually just some security principal USER) to
login to the system?

From your answers abv, Isn't it a big security bug(because those are
actually "everyone") if your explaination is true?

[quote]
logons. Which applications do users use that requires users to be
members of these security principals? If you aren't a member of these
groups you cannot use Winlogon.exe and you cannot logon to the computer!
[end quote]

From your answer abv, after they use winlogon.exe to login, which
application are they trying to use? WHY microsoft are MAKING them to logon BY
DEFAULT?? isn't that a SECURITY BUG because microsoft some "unauthorised
users" to logon by default??

PS: I have already told you that all real users accounts still can login
even these 2 accounts are deleted away.

Can some windows experts help to advise?

Thanks for the help.


.

Relevant Pages

  • Re: windows new users?
    ... Sorry, my mistake, they are members of the "Users" group. ... These accounts are on all my XP machines, they're not a result of virus activity. ... It appear as a username and not a group although it is named "userS" in the account name and they are security principal identifier accounts.. ... With the ever increasing push to secure and lock down machines those without the Authenticated Users group will hit into a brick wall! ...
    (microsoft.public.windowsxp.setup_deployment)
  • Re: windows new users?
    ... the 2 accounts that I mentioned abv is some username ... "userS" in the account name and they are security principal identifier ... those without the Authenticated Users group will hit into a brick wall! ...
    (microsoft.public.windowsxp.setup_deployment)
  • Re: windows new users?
    ... doesn't use any accounts at all. ... To login and fulfill the remote assistance, ... those without the Authenticated Users group will hit into a brick wall! ...
    (microsoft.public.windowsxp.setup_deployment)
  • Re: Integrated security - why not?
    ... Let me explain why we seldom use Integrated Security for Internet asp.net ... how could we setup accounts for them? ... !server to the public network with services such as SQL Server (remember SQL ... The DC at the ISP is not for our own use. ...
    (microsoft.public.dotnet.framework.aspnet.security)
  • Re: Authenticated Users
    ... the Domain Admins is not a good thing, ... We found the authenticated users group being a member of the Domain ... Can any body shed any light on this, and also is this security risk? ...
    (microsoft.public.windows.server.active_directory)