Top 10 Potential Problematic Security Settings for Microsoft Windows XP Professional Edition and Microsoft Windows Server 2003.

Article translations Article translations
Article ID: 555069 - View products that this article applies to.
Author: Kerry Steele MVP
Expand all | Collapse all

Tips

Top 10 Potential Problematic Security Settings

Many enterprise management tools rely on several of these features of the operating system:
 
Enterprise and other applications may require:
Administrative Shares (C$, ADMIN$) - AutoShareWks or AutoShareServer
Remote Registry Service
Task Scheduler
RestrictAnonymous (Null User Sessions)
NTFS/Registry Permissions
NetBIOS over TCP/IP
LM VS. NTLM VS. NTLMv2 Authentication - LmCompatibilityLevel
File/Printer Sharing Bindings
Workstation Service
Server Service

To troubleshoot most of these settings, it is either:
 - Turn it on
 - Turn it off
 - Tweak the value
 
For an application to function properly, it may require tuning several of the settings listed above.
 
The settings that are more difficult to troubleshoot are NTFS and Registry permissions. 
There are two ways to troubleshoot these issues:
 - Enable auditing of Failed Object Access, and watch for Failure events in the Event Viewer.
 - Use third party tools such as FileMon and RegMon from SysInternals – http://www.sysinternals.com.  Look for “Access Denied” alerts.

Properties

Article ID: 555069 - Last Review: March 5, 2004 - Revision: 1.0
APPLIES TO
  • Microsoft Windows XP Professional
  • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
  • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
  • Microsoft Windows Server 2003, Datacenter Edition
  • Microsoft Windows Server 2003, Enterprise Edition
  • Microsoft Windows Server 2003, Standard Edition
  • Microsoft Windows Server 2003, Web Edition
  • unknown KMS 9471
  • Microsoft Windows XP Home Edition
  • Microsoft Windows XP Media Center Edition 2002
  • Microsoft Windows XP Tablet PC Edition
COMMUNITY SOLUTIONS CONTENT DISCLAIMER
MICROSOFT CORPORATION AND/OR ITS RESPECTIVE SUPPLIERS MAKE NO REPRESENTATIONS ABOUT THE SUITABILITY, RELIABILITY, OR ACCURACY OF THE INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN. ALL SUCH INFORMATION AND RELATED GRAPHICS ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT AND/OR ITS RESPECTIVE SUPPLIERS HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION AND RELATED GRAPHICS, INCLUDING ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, WORKMANLIKE EFFORT, TITLE AND NON-INFRINGEMENT. YOU SPECIFICALLY AGREE THAT IN NO EVENT SHALL MICROSOFT AND/OR ITS SUPPLIERS BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF USE, DATA OR PROFITS, ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OF OR INABILITY TO USE THE INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN, WHETHER BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE, EVEN IF MICROSOFT OR ANY OF ITS SUPPLIERS HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES.

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com