Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
File Replication Service (FRS) directory data files must have proper access control permissions.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-27109 | DS00.0121_2003 | SV-34409r3_rule | Medium |
| Description |
|---|
| Improper access permissions for directory data files could allow unauthorized users to read, modify, or delete directory data. |
| STIG | Date |
|---|---|
| Windows 2003 Domain Controller Security Technical Implementation Guide | 2015-03-09 |
Details
| Check Text ( C-49673r2_chk ) |
|---|
| Run "Regedit". Navigate to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters". Note the value for "Working Directory", typically "%SystemRoot%\ntfrs". Verify the permissions of the noted location. If the access control permissions of the FRS directory are not at least as restrictive as those below, this is a finding. FRS Directory Permissions: Administrators - Full Control (F) SYSTEM - Full Control (F) |
| Fix Text (F-50021r2_fix) |
|---|
| Maintain the access control permissions for the FRS directory as outlined below. FRS Directory Permissions: Administrators - Full Control (F) SYSTEM - Full Control (F) |