| Vuln ID | Severity | Asset | STIG | Title | Status | Doc Status | Assigned To | Actions |
|---|---|---|---|---|---|---|---|---|
| V-243486 | CAT II | MONT-DC-003 | Active Directory Domain Security Technic... | The Anonymous Logon and Everyone groups must not b... | - | |||
Check TextOpen "Active Directory Users and Computers" (available from various menus or run "dsa.msc"). Expand the domain being reviewed in the left pane and select the "Builtin" container. Double-click on the "Pre-Windows 2000 Compatible Access" group in the right pane. Select the "Members" tab. If the "Anonymous Logon" or "Everyone" groups are members, this is a finding. (By default, these groups are not included in current Windows versions.) Fix TextEnsure the "Anonymous Logon" and "Everyone" groups are not members of the "Pre-Windows 2000 Compatible Access group". (By default, these groups are not included in current Windows versions.) Open "Active Directory Users and Computers" (available from various menus or run "dsa.msc"). Expand the domain being reviewed in the left pane and select the "Builtin" container. Double-click on the "Pre-Windows 2000 Compatible Access" group in the right pane. Select the "Members" tab. If the "Anonymous Logon" or "Everyone" groups are members, select each and click "Remove". Finding DetailsEvaluate-STIG 1.2507.5 (Scan-ActiveDirectoryDomain_Checks) found this to be NOT A FINDING on 10/23/2025 ResultHash: 0F5A15D869BBF06C2EB5A9E95A87ED62D87DAB4F ~~~~~ Both 'Anonymous Logon' and 'Everyone' are not members of 'Pre-Windows 2000 Compatible Access'.
Source: _Reviewed/MONT-DC-003/Checklist/MONT-DC-003_ADDomain_V3R5_20251023-171837.ckl
Scan Date: 2026-01-14T12:57:36.435963
Technology Area: Domain Name System
|
||||||||