Hi All,
We have Windows Server Ent 2008 R2 ADDS in our environment. Internal Auditing is going on in our IT department. The Auditor has performed the penetration test by using some tools and tried to access the Active Directory Tree ( Entire Domain Structure ) and got success. He found the users, computers, groups, policies, objects, Last Log on and status of Accounts.
The Auditor is a normal domain user and has local admin privilege on his lap top merely. But he is not a member of Administrators group in domain.
As per my knowledge by default the Active Directory Domain objects and the local drives have read permission to Everyone, because of that he could view or read the AD objects. And now he's complaining that this behavior is vulnerable and advising us to hide from the authenticated or domain users.
Can we have any supported document or article from Microsoft that, this Everyone read only permission behavior is not abnormal or if we change the default settings in Active Directory what will be the Impact. ?
What is the normal behavior of Active Directory for domain users.?
Could you please advise that how to act in such situation and Appreciated for your valuable time.
Thanks in Advanced.
Regards,Ali