No announcement yet.

Enumeration - Windows Groups

  • Filter
  • Time
  • Show
Clear All
new posts

  • Enumeration - Windows Groups

    Groups are used in most operating systems such as Microsoft Windows and Linux to grant access to resources as well as simplify user management. Groups are an effective administration tool that enable management of multiple users. A group can contain a large number of users that can then be managed as a single unit. This approach allows you to assign privileges to a resource such as a shared folder to a group instead of each user individually.
    Most vendors such as Microsoft include a number of predefined groups that can be used as is, or be modified as needed.

    There are several default groups in Windows...

    Anonymous Logon
    Designed to allow anonymous access to resources; typically used when accessing a web service running on a web server.

    The batch group is used to allow batch jobs to run scheduled tasks, such as a nightly cleanup job that deletes temporary files.

    Creator Group
    Microsoft Windows 2000 uses this group to automatically grant access permissions to users who are a member of the same group or groups as the creator of a file or directory.

    Creator Owner
    The user who created a particular file or directory is a member of this group. Microsoft Windows 2000 and later, uses this group to automatically grant access permissions to the creator of the file or directory.

    All interactive, network, dial-up, and authenticated users are a member of this group. This group is used to give wide access to a common system resource that everyone would normally have.

    Any user logged on to the local system has the Interactive identity, which allows only local users to access a resource.

    Any user accessing the system through a network has the Network identity, which allows only remote users to access a paticular resource.

    Users and computers with restricted capabilities have the restricted identity. On a member server or workstation, a local user who is a member of the Users group, rather than the Power Users group, has this identity.

    This refers to the object and allows the object to modify itself.

    Any service accessing the system has the Service identity, which grants access to processes being run by Microsoft Windows 2000, and later, services.

    The Microsoft Windows 2000, and later, operating system has the System identity which is used when the operating system needs to perform a system-level operation or function.

    Terminal Server User
    Allows Terminal Server users to access Terminal Services applications.
    Certified Security Geek