[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

Access this computer from the network

ID: oval:org.secpod.oval:def:36486Date: (C)2016-08-05   (M)2023-12-13
Class: COMPLIANCEFamily: windows




This user right determines which users and groups are allowed to connect to the computer over the network. Remote Desktop Services are not affected by this user right. Note: Remote Desktop Services was called Terminal Services in previous versions of Windows Server. Default on workstations and servers: Administrators Backup Operators Users Everyone Default on domain controllers: Administrators Authenticated Users Enterprise Domain Controllers Everyone Pre-Windows 2000 Compatible Access Counter Measure: Restrict the Access this computer from the network user right to only those users who require access to the server. For example, if you configure this policy setting to the Administrators and Users groups, users who log on to the domain will be able to access resources shared from servers in the domain if members of the Domain Users group are included in the local Users group. Potential Impact: If you remove the Access this computer from the network user right on domain controllers for all users, no one will be able to log on to the domain or use network resources. If you remove this user right on member servers, users will not be able to connect to those servers through the network. Successful negotiation of IPsec connections requires that the initiating machine has this right, therefor Microsoft recommends that it is assigned to the Users group.If you have installed optional components such as ASP.NET or Internet Information Services (IIS), you may need to assign this user right to additional accounts that are required by those components. It is important to verify that authorized users are assigned this user right for the computers they need to access the network. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Access this computer from the network (2) REG: ### (3) WMI: root\rsop\computer#RSOP_UserPrivilegeRight#AccountList#UserRight='SeNetworkLogonRight' and precedence=1

Platform:
Microsoft Windows 10
Reference:
CCE-41806-1
CCE    1
CCE-41806-1
XCCDF    5
xccdf_org.secpod_benchmark_HIPAA_45CFR_164_Windows_10
xccdf_org.secpod_benchmark_NIST_800_53_r4_Windows_10
xccdf_org.secpod_benchmark_PCI_3_2_Windows_10
xccdf_org.secpod_benchmark_NIST_800_171_R1_Windows_10
...

© SecPod Technologies