violations in windows 2008 r2

bsarahim
bsarahim used Ask the Experts™
on
I have windows 2008 server r2 workgroup, i need to fix this

1.
User Resources/Shared Folders Restriction:
 
Invalid Shared Folder ACL for group: Everyone, share name: D; No ACL allowed for group
Everyone
Invalid Shared Folder ACL for group: Everyone, share name: Users; No ACL allowed for
group Everyone

Remediation Description= If Remediation finds permissions granted to Everyone on a shared folder, Remediation will remove these permissions.
Administrative shares ( $(Administrative shares) ) are excluded from remediation

----------------------------------------------

2.
User perf, Account Type: ABC, has a password set to never expire. Conditions:User is
not in Guest, IUSR_*, IWAM_*;User is member of local or domain administrative
group;Deny logon locally right is not set;Deny access to this computer from the network
is not set;Deny logon through Terminal Services right is not set
 

Remediation Description= Remediation will prohibit Password never expire setting. The accounts ( $(Password Never Expires Accounts ) will be skipped. If
the system is joined to a DC and GPO is activated, the GPO setting wins over the local setting. Remediation might not be able to change the value this setting.
this remediation is only working for local users

may i know, how can i fix it above 2. thanks
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Top Expert 2016

Commented:
where are you seeing this?

Author

Commented:
It is our it policy, which need to fix
Top Expert 2016
Commented:
remove everyone and add domain users
OWASP: Forgery and Phishing

Learn the techniques to avoid forgery and phishing attacks and the types of attacks an application or network may face.

Author

Commented:
It is work group server
Top Expert 2016
Commented:
then add the account that the users will be authenticating with
Shaun VermaakTechnical Specialist
Awarded 2017
Distinguished Expert 2018
Commented:
For number 2, remove the Password Never Expire setting for non-builtin accounts
Top Expert 2016

Commented:
Enough information provided to answer question

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial