STIGQter: STIG Summary: Microsoft Windows Server 2016 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021: STIGQter: STIG Summary: Microsoft Windows Server 2016 Security Technical Implementation Guide Version: 2 Release: 2 Benchmark Date: 04 May 2021:SV-224975r569186_rule
V-224975
SRG-OS-000138-GPOS-00069
WN16-DC-000120
CAT II
10
Move shares used to store files owned by users to a different logical partition than the directory server data files.
This applies to domain controllers. It is NA for other systems.
Run "Regedit".
Navigate to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters".
Note the directory locations in the values for "DSA Database file".
Open "Command Prompt".
Enter "net share".
Note the logical drive(s) or file system partition for any organization-created data shares.
Ignore system shares (e.g., NETLOGON, SYSVOL, and administrative shares ending in $). User shares that are hidden (ending with $) should not be ignored.
If user shares are located on the same logical partition as the directory server data files, this is a finding.
V-224975
False
WN16-DC-000120
This applies to domain controllers. It is NA for other systems.
Run "Regedit".
Navigate to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters".
Note the directory locations in the values for "DSA Database file".
Open "Command Prompt".
Enter "net share".
Note the logical drive(s) or file system partition for any organization-created data shares.
Ignore system shares (e.g., NETLOGON, SYSVOL, and administrative shares ending in $). User shares that are hidden (ending with $) should not be ignored.
If user shares are located on the same logical partition as the directory server data files, this is a finding.
M
4205