Solved

"Pre-Windows 2000 Compatible Access" group question w/ Exchange 2003

Posted on 2006-07-20
2
504 Views
Last Modified: 2007-12-19
I'm running DomainPrep in preparing to install Exchange 2003 server.  I have just been following the deployment tools checklist to install it.  Anyway, I got this message:

The domain has been identified as an insecure domain for mail-enabled groups with hidden DL membership.  Hidden DL membership will be exposed to members of the built-in "Pre-Windows 2000 Compatible Access" security group.  This group may have been populated during the promotion of the domain with intent of allowing permissions to be compatible with pre-Windows 2000 servers and application.  To secure the domain, remove any unnecessary members from this group.

I checked the group in question, and there is one member: Authenticated Users with AD folder in NT Authority.  Is it OK to have there, or do I need to remove it?  What is it?  
0
Comment
Question by:dbestcomputers
2 Comments
 
LVL 26

Accepted Solution

by:
Pber earned 125 total points
ID: 17167243
This error is normal.  They still warn you even if you didn't select “Permissions compatible with pre-Windows 2003 servers” during the DCpromo phase.  

The permissions are fine and they are what they should be.  The security risk was when the "Pre-Windows 2000 Compatible Access" contained the EVERYONE group.  Keep the Everyone group out of here.

This group is for backward compatibility for NT4 systems allowing for NULL session connections.
0
 

Author Comment

by:dbestcomputers
ID: 17168048
Ok, thank You!
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

791 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question