From Windows 2008 Domain Controller Security Technical Implementation Guide
Part of Printer Share Permissions
Associated with: CCI-000213
Improperly configured share permissions on printers can permit the addition of unauthorized print devices on the network. Windows shares are a means by which files, folders, printers, and other resources can be published for network users to remotely access. Regular users cannot create shares on their local machines; only Administrators and Power Users have that ability.
2008 - •Double click on “Printers” in Control Panel If there are no locally attached printers, then mark this as “Not Applicable.” Perform this check for each locally attached printer: •Right click on a locally-attached printer. •Select Sharing from the drop-down menu. Perform this check on each printer that has the “Shared” radio-button selected: •Select the Security tab The following table lists the Server 2008 default printer share security settings: Account Assignment - Allow Everyone - Print CREATOR OWNER - Manage Documents Administrator - Print, Manage Printers, Manage Documents Administrators - Print, Manage Printers, Manage Documents If any non administrative user accounts or groups have greater than “Print”, then this is a finding.
Configure the permissions on locally shared printers to meet the minimum requirements.
Lavender hyperlinks in small type off to the right (of CSS
class id, if you view the page source) point to
globally unique URIs for each document and item. Copy the
link location and paste anywhere you need to talk
unambiguously about these things.
You can obtain data about documents and items in other
formats. Simply provide an HTTP header Accept:
text/turtle or
Accept: application/rdf+xml.
Powered by sagemincer