Yesterday, I had to go back home late, after midnight actually, because I was trying to resolved a Windows 2003 Server problem due to OS hardening. I spend almost six hours of my time in this, way passed midnight. I had to revert back all the changes I made earlier until I found out the main cause.
There is this parameter "Bypass traverse checking", which allows user to access (traverse) directories without if they are not allow into the parent folder. The initial permissions were granted for Everyone, Administrators, Users, Power Users and Backup Operators. I removed Everyone, Users and Power Users, and after server reboot, I could not even access the Networking panel, run the Backup or check the Dependencies in the Services. Managed to solved the issue by putting "Authenticated User" into the rights, and reboot server, it works!
There is this parameter "Bypass traverse checking", which allows user to access (traverse) directories without if they are not allow into the parent folder. The initial permissions were granted for Everyone, Administrators, Users, Power Users and Backup Operators. I removed Everyone, Users and Power Users, and after server reboot, I could not even access the Networking panel, run the Backup or check the Dependencies in the Services. Managed to solved the issue by putting "Authenticated User" into the rights, and reboot server, it works!
No comments:
Post a Comment