0

anybody know if on %WindowsPath%\security the "Authenticated Users" and "Server Operators" must have "Traverse Folder" permissions on a Domain Controller (Windows 2003).

An external audit over my company observed that I not sure if they are right.

BR

Santiago
  • 254
  • 3
  • 10

1 Answers1

0

That is an unusual recommendation. The only time I have seen that permission removed is to prevent executing files, similar to noexec.

Greg Askew
  • 35,880
  • 5
  • 54
  • 82