Blogger Widgets

Thursday, February 28, 2013

Windows Shares - SMB permissions and NTFS


Best Practices on Windows Shares SMB permissions and NTFS


This apply to windows server 2003, windows server 2008 and windows server 2012



Share Permissions:
  • Folder $
  • Click on Advanced Sharing
  • Share the Folder
  • Click on Permissions
  • Remove the default Everyone = Read Permissions
  • Add Administrators = Full Control
  • Add Authenticated Users = Full Control

NTFS (Security Tab Permissions):
  • Click on the Security Tab (NTFS Permissions)
  • Remove Inheritance
  • Remove Users = Read
  • Keep Administrators = Full Control
  • Keep System = Full Control
  • Group_Folder_Modify = Modify
    •
  • Group_Folder_Read = Read 


    You have now a clean and secure share. That's all
Continue Reading
Posted by admin at 3:18 PM 0 comments
Labels: , , , , , ,

Saturday, February 2, 2013

Kerio Connect and Windows Server 2008 2012 Firewall

When Kerio Connect is hosted on Windows Server 2008/2012 ,
be sure that the following firewall rules are configured.




netsh firewall set portopening TCP 443 “SSL”

Make sure too that the "SSL" rule is available in Windows Firewall with Advanced Security.

We also need to enable enable the World Wide Web Services (HTTPS Traffic-In) rule
to allow HTTPS communications


click Start, click Run, type wf.msc, and then press ENTER.
In the console tree, locate the following rule and verify that they are enabled:

World Wide Web Services (HTTPS Traffic-In)

netsh firewall add portopening protocol=TCP port=25 name="SMTP" mode=ENABLE scope=ALL 
netsh firewall add portopening protocol=TCP port=110 name="POP3" mode=ENABLE scope=ALL
netsh firewall add portopening protocol=TCP port=143 name="IMAP4" mode=ENABLE scope=ALL
netsh firewall add portopening protocol=TCP port=9998 name="SmarterMail" mode=ENABLE scope=ALL
netsh firewall add portopening protocol=TCP port=587 name="SMTPAlt" mode=ENABLE scope=ALL
netsh firewall add portopening protocol=TCP port=993 name="IMAPS" mode=ENABLE scope=ALL
netsh firewall set portopening TCP 443 “SSL”


Clients should be able to reach Kerio Connect in Windows server environment


More to read on Kerio Connect Installation/Configuration Guide


Continue Reading
Posted by admin at 3:41 PM 7 comments
Labels: , , , , ,
Subscribe to: Posts (Atom)
Copyright © 2013 Passion IT Mag

www.HyperSmash.com