Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-27109 | DS00.0121_2008_R2 | SV-39018r2_rule | | Medium |
Description |
---|
Improper access permissions for directory data files could allow unauthorized users to read, modify, or delete directory data. |
STIG | Date |
---|---|
Windows Server 2008 R2 Domain Controller Security Technical Implementation Guide | 2015-03-09 |
Check Text (C-49677r2_chk) |
---|
If the system is using the more current Distributed File System (DFS) replication, this is NA. Execute the command "Dfsrmig /getmigrationstate" to verify DFSR is being used. The following message should be returned if the system is using DFSR: "All Domain Controllers have migrated successfully to Global state ('Eliminated'). Migration has reached a consistent state on all Domain Controllers." If the system is using FRS: Run "Regedit". Navigate to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters". Note the value for "Working Directory", typically "%SystemRoot%\ntfrs". Verify the permissions of the noted location. If the access control permissions of the FRS directory are not at least as restrictive as those below, this is a finding. FRS Directory Permissions: Administrators - Full Control (F); SYSTEM - Full Control (F) |
Fix Text (F-50025r2_fix) |
---|
If the system is using the more current DFS replication, this is NA. Maintain the access control permissions for the FRS directory as outlined below. FRS Directory Permissions: Administrators - Full Control (F); SYSTEM - Full Control (F) |
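
The check text above can be scripted. The following PowerShell is an added example, not part of the STIG. The function name Test-FrsDirectoryAcl is hypothetical, and the script assumes an elevated session on the domain controller, inspects only the ACL of the working directory itself (not child objects), and treats any Allow entry for a trustee other than Administrators or SYSTEM as less restrictive than the baseline.

```powershell
function Test-FrsDirectoryAcl {
    # Well-known SIDs for the two trustees the STIG permits (locale independent).
    $allowedSids = @(
        'S-1-5-32-544',  # BUILTIN\Administrators
        'S-1-5-18'       # NT AUTHORITY\SYSTEM
    )

    # Step 1: if SYSVOL replication has migrated to DFSR, the requirement is NA.
    $migration = (& dfsrmig.exe /getmigrationstate 2>&1 | Out-String)
    if ($migration -match "Global state \('Eliminated'\)") {
        return 'NA: SYSVOL replication has migrated to DFSR.'
    }

    # Step 2: read the FRS working directory from the registry value named in the check.
    $key = 'HKLM:\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters'
    $workingDir = (Get-ItemProperty -Path $key -Name 'Working Directory' -ErrorAction Stop).'Working Directory'
    # Expand %SystemRoot% in case the value is stored as a plain string.
    $workingDir = [Environment]::ExpandEnvironmentVariables($workingDir)

    # Step 3: collect explicit and inherited ACEs, resolved to SIDs.
    $acl = Get-Acl -Path $workingDir
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

    # Deny ACEs only tighten access, so only Allow ACEs for other trustees count.
    $extra = @($rules | Where-Object {
        $_.AccessControlType -eq 'Allow' -and $allowedSids -notcontains $_.IdentityReference.Value
    })

    if ($extra.Count -eq 0) {
        return "Not a finding: only Administrators and SYSTEM are granted access to $workingDir."
    }

    # Finding: emit each offending ACE so the reviewer can see who holds which rights.
    "Finding: $workingDir grants access beyond Administrators and SYSTEM."
    $extra | Select-Object @{ n = 'Sid'; e = { $_.IdentityReference.Value } },
                           FileSystemRights, IsInherited
}

Test-FrsDirectoryAcl
```

Entries reported with IsInherited set to True come from a parent folder, so correcting them means changing inheritance on the FRS directory rather than removing the entry in place.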