G
Guest
I would like to modify my "Everyone" group with "Authenticated Users" group.
I can't find the everyone group in XP Pro (workgroup).
J
I can't find the everyone group in XP Pro (workgroup).
J
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
C
Colin Nash [MVP]
Johnny said:I would like to modify my "Everyone" group with "Authenticated Users"
group.
I can't find the everyone group in XP Pro (workgroup).
J
It's built-in and cannot be modified.
http://support.microsoft.com/kb/243330
What are you trying to accomplish?
G
Guest
If I can do that, then I don't need to search entire hard disk folder, where
there is everyone group and replace it with Authenticated Users group.
I thought this way will be the fastest way to do it. Instead of going folder
by folder.
Is there a command line where it can list for me all the files & folders
that have everyone group in it?
there is everyone group and replace it with Authenticated Users group.
I thought this way will be the fastest way to do it. Instead of going folder
by folder.
Is there a command line where it can list for me all the files & folders
that have everyone group in it?
G
Guest
I'm taking a guess at what you are trying to do, but I think you want to take
away permissions for the Everyone group and instead replace it with the
Authenticated Users group...is that correct? I believe that the Everyone
group is granted Read and Execute at the root of hard drives, but only for
that level, so it shouldn't have any other default permissions in your file
structure. However, if anyone w/appropriate rights gave the Everyone group
access somewhere deeper in the folder tree, the only way to remove that
permission is by finding the specific file/folder that Everyone was added to
and removing it from the Access Control List (ACL) for that resource. There
may be third-party tools that will list all of the resources a specific group
has permissions to, but I don't know of any off-hand. I hope this helps.
Steve
away permissions for the Everyone group and instead replace it with the
Authenticated Users group...is that correct? I believe that the Everyone
group is granted Read and Execute at the root of hard drives, but only for
that level, so it shouldn't have any other default permissions in your file
structure. However, if anyone w/appropriate rights gave the Everyone group
access somewhere deeper in the folder tree, the only way to remove that
permission is by finding the specific file/folder that Everyone was added to
and removing it from the Access Control List (ACL) for that resource. There
may be third-party tools that will list all of the resources a specific group
has permissions to, but I don't know of any off-hand. I hope this helps.
Steve
G
Guest
That's correct.
Thank you for your reply Steve.
Thank you for your reply Steve.
steve_t said:I'm taking a guess at what you are trying to do, but I think you want to take
away permissions for the Everyone group and instead replace it with the
Authenticated Users group...is that correct? I believe that the Everyone
group is granted Read and Execute at the root of hard drives, but only for
that level, so it shouldn't have any other default permissions in your file
structure. However, if anyone w/appropriate rights gave the Everyone group
access somewhere deeper in the folder tree, the only way to remove that
permission is by finding the specific file/folder that Everyone was added to
and removing it from the Access Control List (ACL) for that resource. There
may be third-party tools that will list all of the resources a specific group
has permissions to, but I don't know of any off-hand. I hope this helps.
Steve
S
Steven L Umbach
You can use free programs such as dumpsec from SomarSoft to help you find
the entries. The Microsoft RK tool subinacl can also do it and can do a find
and replace operation for SID but is a very powerful tool and needs to be
used with care. You can mitigate the vulnerability of the everyone group by
making sure the guest account is disabled, that the security option for
network access: let everyone permissions apply to anonymous users is
disabled, and that everyone has been replaced by authenticated users in the
user right for access this computer from the network. All that can be
enforced on Local Security Policy via secpol.msc.
Steve
http://www.somarsoft.com/ --- Dumpsec
http://www.microsoft.com/downloads/...56-D8FE-4A91-93CF-ED6985E3927B&displaylang=en
--- subinacl
the entries. The Microsoft RK tool subinacl can also do it and can do a find
and replace operation for SID but is a very powerful tool and needs to be
used with care. You can mitigate the vulnerability of the everyone group by
making sure the guest account is disabled, that the security option for
network access: let everyone permissions apply to anonymous users is
disabled, and that everyone has been replaced by authenticated users in the
user right for access this computer from the network. All that can be
enforced on Local Security Policy via secpol.msc.
Steve
http://www.somarsoft.com/ --- Dumpsec
http://www.microsoft.com/downloads/...56-D8FE-4A91-93CF-ED6985E3927B&displaylang=en
--- subinacl