Identify globally accessible directories (web client)

<< Inhaltsverzeichnis anzeigen >>

Navigation:  Start > Using 8MAN - The Services > Permission Analysis  > Active Directory  > Services for Administrators >

Identify globally accessible directories (web client)

Background / Value

If "Everyone accounts" are used for the assignment of access rights, (almost) everyone has access to the connected resources. The consequence is an excessive assignment of access rights and a high probability for unauthorized access. These go against the principle of least privilege and should therefore not be used. Before deleting permissions you should assign specific groups to the appropriate resources.

 

"Everyone accounts" are:

Everyone

Authenticated Users

Domain-Users

 

Additional Services

Remove permissions from globally accessible directories in bulk

 

Step by step process

A045-02 EN inaktive Konten im webclient identifizieren

 

Go to the Risk Assessment Dashboard.




A048-03 EN global zugängliche Verzeichnisse im Webclient identifizieren

 

1.8MAN shows a rating for the risk factor "Globally accessible directories".

2.Click "Minimize risks".

 

The tiles are sorted by risk level and may therefore be located in different places.




A048-04 EN global zugängliche Verzeichnisse im Webclient identifizieren

 

1.8MAN lists all globally accessible directories.

2.Use sorting, filtering and grouping to analyze the data.

3.Select the rows to display in the grid and in the reports.

4.Export the data into Excel.

5.Create a report in PDF- or CSV-format. Save the report or email it.