Securing Windows Server 2003 tasks
Cisco TMS Secure Server Configuration Guide 13.0
Page 20 of 34
Directory
User/Group
Permission
SQL Server\90\Setup
Bootstrap
2) SYSTEM
3) SQLServer2005MSSQLUSER$Computer
Name$InstanceName
2) Full
3) Read &Execute
\Program Files\Microsoft
SQL Server\90\Shared
1) LocalMachine\Administrators
2) SYSTEM
3) SQLServer2005MSSQLUSER$Computer
Name$InstanceName
1) Full
2) Full
3) Read &Execute
\Program Files\Microsoft
SQL
Server\90\Shared\Error
Dumps
1) LocalMachine\Administrators
2) SYSTEM
3) SQLServer2005MSSQLUSER$Computer
Name$InstanceName
1) Full
2) Full
3) Read &Write
\Program Files\Microsoft
SQL Server\90\tools
1) LocalMachine\Administrators
2) SYSTEM
3) SQLServer2005MSSQLUSER$Computer
Name$InstanceName
1) Full
2) Full
3) Read &Execute
%systemroot% (usually
\WINDOWS)
1) LocalMachine\Administrators
2) LocalMachine\Users
3) SYSTEM
1) Full
2) Read &Execute
3) Full
%systemroot%\Config
1) LocalMachine\Administrators
2) LocalMachine\Users
3) SYSTEM
1) Full
2)Read &List
3) Full
%systemroot%\System3
2
%systemroot%\System3
2\LogFiles
%systemroot%\System3
2\InetSrv
1) LocalMachine\Administrators
2) LocalMachine\Users
3) SYSTEM
1) Full
2) Read & Execute
3) Full
%systemroot%\System
1) LocalMachine\Administrators
2) LocalMachine\Users
3) SYSTEM
1) Full
2) Read & Execute
3) Full
%systemroot%\Repair
1) LocalMachine\Administrators
2)SYSTEM
1)Full
2)Full
\Documents and
Settings
1) LocalMachine\Administrators
2) LocalMachine\Users
3) SYSTEM
1) Full
2) Read
3) Full
Verify that the following files have these permissions:
File
User/Group
Permission
C:\AUTOEXEC.bat
1) LocalMachine\Administrators
2) SYSTEM
1) Full
2) Read & Execute
C:\CONFIG.SYS
1) LocalMachine\Administrators
2) SYSTEM
1) Full
2) Read & Execute
Audit policy
The Audit policy defines which security events get logged.
To access the auditing, go to Windows Start > Control Panel > Administrative Tools > Local
Security Policy > Local Policies > Audit Policy.