Re: Authenticated Users

Hi
I agree with the other guys having authenticated users group has members of
the Domain Admins is not a good thing, and represents security issues for
all FOREST. It would be nice to urgently check why that is configured in
that way and for what.

--
I hope that the information above helps you

Good Luck
Jorge Silva
MCSA
Systems Administrator
"Richard Mueller" <rlmueller-NOSPAM@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:e9m9mNm7GHA.4568@xxxxxxxxxxxxxxxxxxxxxxx

"Tomasz Onyszko" <T.Onyszko_nospam_@xxxxxx> wrote in message
news:eH360Jk7GHA.4288@xxxxxxxxxxxxxxxxxxxxxxx
moyer wrote:
I am an IT Auditor.

We found the authenticated users group being a member of the Domain
Admins.

It has "send to" and "special" access. Also there are some other admin
apllication groups that it is assigned to with the same access.

I seems as if this is a issue, that this has been assigned while
installations have taken placed.

Can any body shed any light on this, and also is this security risk?

Somebody in this company really liked the shortcuts ... belive me that
authenticated users in Damain Admins group is security risk ... a big
one.

--
Tomasz Onyszko
http://www.w2k.pl/ - (PL)
http://blogs.dirteam.com/blogs/tomek/ - (EN)

Seems equivalent to having no security at all.

--
Richard
Microsoft MVP Scripting and ADSI
Hilltop Lab - http://www.rlmueller.net



.

Relevant Pages

  • Re: windows new users?
    ... accounts are still there in your system. ... security issue and advise everyone else to delete them away. ... those without the Authenticated Users group will hit into a brick wall! ...
    (microsoft.public.windowsxp.setup_deployment)
  • Re: Some new SSH exploit script?
    ... So for those small sites or sites only allowing ssh in for specific persons such as a few admin and perhaps a few application maintainers, and even a vendor or two, we find it easier to maintain the standard port and restrict access in the firewall and tcpd to specific addresses, and on occasion users via sshd_config settings as well. ... Log cruft is a pretty lame reason and rational for making a choice to implement a non-standard port setting, admins should have the skills to filter and parse logs in a manner such that the cruft does not interfere with their daily log monitoring chores, else they have likely a lot of other cruft that must as well be driving them to near madness as well not relating to sshd and the kiddie brute-forcing tool of the week. ... I believe in security in-depth, but this depth is so superficial, I ... Download FREE whitepaper on how a managed service can ...
    (Pen-Test)
  • Re: Height of paranoia
    ... - encryption. ... Microsoft touts domains and AD as a security feature, ... ARE NOT SECURITY DEVICES, ... Exchange admins should not be able to read confidential ...
    (Security-Basics)
  • Re: Removing ping/icmp from a network
    ... vendors / admins / whatever. ... A ping sweep isn't the only way to do network exploration. ... which won't gain you any security. ...
    (Security-Basics)
  • RE: VMWare poor guest isolation design
    ... So, the only risk is the from your hosting company's admins, and any ... and then common security practices of logging & auditing applies. ...
    (Bugtraq)