The security provided by Windows 2000 is designed to meet the following requirements:
One of the ways Windows 2000 meets these requirements is by assigning each user a
security ID (SID)
. Your SID, a gigantic number
Whenever you attempt to walk through a controlled "door" in Windows 2000 (for example, when you connect to a shared printer), or any time a program attempts to do that on your
In determining whom to pass and whom to block, Windows 2000 consults the resource's access control list (ACL) . This is simply a list showing which SIDs have which kinds of access privileges. Every resource subject to access control has an ACL.
For a list of Windows 2000 rights, see Table 27-2.
Windows 2000 distinguishes two types of access privileges: permissions and rights. A
is the ability to access a particular object in some defined manner—for example, to write to an NTFS file or to modify a printer queue. A
is the ability to perform a particular
The owner of a resource (or an administrator)
In this book, as in many of the Windows 2000 messages and dialog boxes, privileges serves as an informal
termencompassing both permissions and rights.
The backbone of Windows 2000 security is the ability to uniquely identify each user. Windows 2000
In addition to such "normal" user accounts, Windows 2000 provides two special accounts that have predefined sets of permissions and rights associated with them: the Administrator account, and the Guest account.
Every computer running Windows 2000 has a special account named Administrator. This account has full rights over the entire computer. It can create other user accounts and is
To make it more difficult for intruders to use the Administrator account, you should rename it so they'll be forced to guess its user name as well as its password. For information about renaming user accounts, see "Renaming, Deleting, and Disabling Accounts."
Most Windows 2000 systems also include an account named Guest. This account resides at the other end of the privilege spectrum. It is designed to allow an infrequent or temporary user such as a visitor to log on to the system without providing a password and use the system in a restricted manner. Choices made by the system administrator determine the level of access afforded to the Guest account. (By default, the Guest account is disabled on a clean install of Windows 2000; no one can use an account that's disabled.)
Enabling the Guest account not only allows
anyoneto log on to your computer using the user name Guest (with no password), but it allows anyone on your network to see your shared folders if you share them using default settings. (The other users could even be running an unsecure system such as Windows 98, which doesn't require a logon name and password.) Shared folders on a FAT32 volume are then completely opento access, and anonymous users can view, modify, create, or delete files. If your shared folders are on an NTFS volume and you use the default NTFS access permissions, they won't be able to access the share—but they will be able to see the shared folder name. If you must enable the Guest account, be sure you deny Guest access to shares, folders, and files that you don't want guests and other unauthenticated users to see. (A user on another computer or another domain might be authenticated on their system, but not on yours.)