[Forgot Password]
Login  Register Subscribe












Paid content will be excluded from the download.

Download | Alert*

Access this computer from the network

ID: oval:org.secpod.oval:def:36486Date: (C)2016-08-05   (M)2018-07-10
Class: COMPLIANCEFamily: windows

This user right determines which users and groups are allowed to connect to the computer over the network. Remote Desktop Services are not affected by this user right. Note: Remote Desktop Services was called Terminal Services in previous versions of Windows Server. Default on workstations and servers: Administrators Backup Operators Users Everyone Default on domain controllers: Administrators Authenticated Users Enterprise Domain Controllers Everyone Pre-Windows 2000 Compatible Access Counter Measure: Restrict the Access this computer from the network user right to only those users who require access to the server. For example, if you configure this policy setting to the Administrators and Users groups, users who log on to the domain will be able to access resources shared from servers in the domain if members of the Domain Users group are included in the local Users group. Potential Impact: If you remove the Access this computer from the network user right on domain controllers for all users, no one will be able to log on to the domain or use network resources. If you remove this user right on member servers, users will not be able to connect to those servers through the network. Successful negotiation of IPsec connections requires that the initiating machine has this right, therefor Microsoft recommends that it is assigned to the Users group.If you have installed optional components such as ASP.NET or Internet Information Services (IIS), you may need to assign this user right to additional accounts that are required by those components. It is important to verify that authorized users are assigned this user right for the computers they need to access the network. Fix: (1) GPO: Computer Configuration\Windows Settings\Security Settings\Local Policies\User Rights Assignment\Access this computer from the network (2) REG: ### (3) WMI: root\rsop\computer#RSOP_UserPrivilegeRight#AccountList#UserRight='SeNetworkLogonRight' and precedence=1

Microsoft Windows 10
CCE    1
XCCDF    5

© SecPod Technologies