You are currently offline, waiting for your internet to reconnect

Top 10 Potential Problematic Security Settings for Microsoft Windows XP Professional Edition and Microsoft Windows Server 2003.

Support for Windows XP has ended

Microsoft ended support for Windows XP on April 8, 2014. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Support for Windows Server 2003 ended on July 14, 2015

Microsoft ended support for Windows Server 2003 on July 14, 2015. This change has affected your software updates and security options. Learn what this means for you and how to stay protected.

Author:
Kerry Steele MVP
COMMUNITY SOLUTIONS CONTENT DISCLAIMER
MICROSOFT CORPORATION AND/OR ITS RESPECTIVE SUPPLIERS MAKE NO REPRESENTATIONS ABOUT THE SUITABILITY, RELIABILITY, OR ACCURACY OF THE INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN. ALL SUCH INFORMATION AND RELATED GRAPHICS ARE PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT AND/OR ITS RESPECTIVE SUPPLIERS HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION AND RELATED GRAPHICS, INCLUDING ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, WORKMANLIKE EFFORT, TITLE AND NON-INFRINGEMENT. YOU SPECIFICALLY AGREE THAT IN NO EVENT SHALL MICROSOFT AND/OR ITS SUPPLIERS BE LIABLE FOR ANY DIRECT, INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS OF USE, DATA OR PROFITS, ARISING OUT OF OR IN ANY WAY CONNECTED WITH THE USE OF OR INABILITY TO USE THE INFORMATION AND RELATED GRAPHICS CONTAINED HEREIN, WHETHER BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE, EVEN IF MICROSOFT OR ANY OF ITS SUPPLIERS HAS BEEN ADVISED OF THE POSSIBILITY OF DAMAGES.
This article has been archived. It is offered "as is" and will no longer be updated.
Tips
Top 10 Potential Problematic Security Settings
Many enterprise management tools rely on several of these features of the operating system:
 
Enterprise and other applications may require:
Administrative Shares (C$, ADMIN$) - AutoShareWks or AutoShareServer
Remote Registry Service
Task Scheduler
RestrictAnonymous (Null User Sessions)
NTFS/Registry Permissions
NetBIOS over TCP/IP
LM VS. NTLM VS. NTLMv2 Authentication - LmCompatibilityLevel
File/Printer Sharing Bindings
Workstation Service
Server Service

To troubleshoot most of these settings, it is either:
 - Turn it on
 - Turn it off
 - Tweak the value
 
For an application to function properly, it may require tuning several of the settings listed above.
 
The settings that are more difficult to troubleshoot are NTFS and Registry permissions. 
There are two ways to troubleshoot these issues:
 - Enable auditing of Failed Object Access, and watch for Failure events in the Event Viewer.
 - Use third party tools such as FileMon and RegMon from SysInternals – .  Look for “Access Denied” alerts.
Properties

Article ID: 555069 - Last Review: 12/07/2015 13:14:52 - Revision: 1.0

Microsoft Windows XP Professional, Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems, Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems, Microsoft Windows Server 2003, Datacenter Edition, Microsoft Windows Server 2003, Enterprise Edition, Microsoft Windows Server 2003, Standard Edition, Microsoft Windows Server 2003, Web Edition, unknown KMS 9471, Microsoft Windows XP Home Edition, Microsoft Windows XP Media Center Edition 2002, Microsoft Windows XP Tablet PC Edition

  • kbnosurvey kbarchive kbpubtypecca kbpubtypett kbpubmvp kbhowto KB555069
Feedback