Click here to get back home

Access Based Enumeration on Domain Controllers ?
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Access Based Enumeration on Domain Controllers ? Stuart 02-26-2007
Posted by Stuart on February 26, 2007, 6:15 pm
Please log in for more thread options
 Hi. I have read through the documentation for ABE and was wondering if
anyone knew of any reasons to avoid using it on Domain Controllers ? I
can't find any docunmentation which suggests this is not recommended but
just thought I'd check before testing further. Is it advisable not to
enable it on DC shares such as the SYSVOL and NETLOGON or should this not be
an issue ?

Thanks.


Posted by Roger Abell [MVP] on February 27, 2007, 10:43 pm
Please log in for more thread options
 I have never noticed any warning/precautions mentioned.
Also, the shares you specifically call out should be ACLed
so that valid accesses would be allowed/seen anyway.


> Hi. I have read through the documentation for ABE and was wondering if
> anyone knew of any reasons to avoid using it on Domain Controllers ? I
> can't find any docunmentation which suggests this is not recommended but
> just thought I'd check before testing further. Is it advisable not to
> enable it on DC shares such as the SYSVOL and NETLOGON or should this not
> be an issue ?
>
> Thanks.



Similar ThreadsPosted
Access-based Enumeration September 8, 2005, 11:40 am
ABE (Access Based Enumeration) Scalability ?? February 5, 2006, 9:45 pm
Access-Based Enumeration - any gotchas? June 5, 2006, 10:17 am
Access Based Enumeration really doesn't work May 13, 2008, 11:13 am
Hide shared folders like 2003 Access Based Enumeration? July 8, 2005, 4:23 pm
ENTERPRISE DOMAIN CONTROLLERS Vs Domain Group Domain Controllers December 30, 2005, 3:08 am
How to configure Domain access permissions for a user that would vary based on the computer they log into? June 21, 2006, 11:58 am
Locking Down Domain Controllers January 26, 2007, 4:46 am
Have you ever tried Access Based Enumaration on an SP2 March 2, 2008, 4:44 am
"Read-Only" branch office domain controllers? April 20, 2006, 2:34 am

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap