Ask the Expert

Users included in the "Everyone" group

I have a Win2K Native mode network with some 2003 Servers. All workstations are either Win2K or XP Pro. My question is as follows: Does the Everyone group mean only authenticated users, or does it mean absolutely anybody including non-authenticated users? Thanks.
In Windows Server 2003 domains and on their servers, the anonymous token is not part of the group Everyone. In Windows 2000 it is. Therefore, when planning security for your network, you should remember that an anonymous user does have access to any resources that are given to the group Everyone. Restrict anonymous access, and where possible modify permissions so that Everyone does not have Full Control. Do be careful, however, since the group Everyone is often used to enable the operating system access to resources. When in doubt, provide both authenticated users and SYSTEM, Full Control, and then only add groups of users who need access to the resource, and always test in a test network before making changes in a production network.

This was first published in February 2005

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: