Actually, in a default Windows Server 2003 *domain*, the Everyone group does not include the Anonymous Logon account. Has nothing to do with standalone.
Therefore, not a "minor" quibble, considering it's the *default*. Laura > -----Original Message----- > From: Devin Ganger [mailto:[EMAIL PROTECTED] > Sent: Monday, July 10, 2006 1:41 PM > To: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]; Murad Talukdar > Cc: [email protected] > Subject: RE: DACLS for software distribution points... > > At Thursday, July 06, 2006 5:38 PM, Susan Bradley, CPA aka > Ebitz - SBS Rocks [MVP] wrote: > > > In the 2k3 era the Everyone group is akin to the > Authenticated users > > anyway since Everyone in the 2k3 era does not include the > anon users. > > A minor quibble, since several folks have now all made this > same statement. > > Windows XP and Windows Server 2003 do not include the > Anonymous SID in the Everyone group membership *out of the > box* when in standlone mode. > However, this behavior can be configured through Group Policy > or registry, so you can't just assume that this is the case. > > Those of you who doubt this are welcome to refer to KB 278259 > for details or read up on the "Network access: Let Everyone > permissions apply to anonymous users" Group Policy setting in > Chapter 5 of the Threats and Countermeasures Guide, which you > can find online at: > > http://www.microsoft.com/technet/security/topics/serversecurit > y/tcg/tcgc > h05n.mspx > > -- > Devin L. Ganger Email: [EMAIL PROTECTED] > 3Sharp LLC Phone: 425.882.1032 x 109 > 15311 NE 90th Street Cell: 425.239.2575 > Redmond, WA 98052 Fax: 425.702.8455 > (e)Mail Insecurity: http://blogs.3sharp.com/blog/deving/ > > -------------------------------------------------------------- > ------------- > -------------------------------------------------------------- > ------------- > --------------------------------------------------------------------------- ---------------------------------------------------------------------------
