Good Microsoft KB article for clarification: http://support.microsoft.com/kb/278259
"In Microsoft Windows XP and in Microsoft Windows Server 2003, the Everyone group does not contain the security identifier (SID) "Anonymous." Therefore, users or services that attempt to access an object anonymously are not granted access if the access control list (ACL) on the object includes the Everyone group. Anonymous access is only granted for objects whose ACL explicitly contains the anonymous SID." -Matt Roca -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Murda Mcloud Sent: Wednesday, June 11, 2008 10:45 PM To: [email protected] Subject: default for requiring authentication 2003 I'm having a debate with someone over whether a 2003 server by default (OOB)forces someone to authenticate(whether to a DC or to the server itself if standalone) before allowing access to files. He seems to think that the default is that no authentication is required and consequently anyone could rock up and connect a laptop to a network with that server on it and get access to files on it-as the EVERYONE group is given read permissions to new folders etc. I say he is wrong but am looking hard to find something to back me up. I understand that the guest account could access files as it is part of the EVERYONE group but it's disabled by default-but still, there is an authentication process for guest to login
