PingSentry   |   Discord   |   System32   |   GitHub   |   Free tools

Security: Take ownership of files or other objects user right must only be assigned to the Administrators group

1c1f7740-6b87-4791-ad84-f7ec6d25c3f0

Inappropriate granting of user rights can provide system, administrative, and other high-level capabilities.

Accounts with the "Take ownership of files or other objects" user right can take ownership of objects and make changes.

Remediation

To fix this configure the policy value for
Computer Configuration
|_ Windows Settings
|_ Security Settings
|_ Local Policies
|_ User Rights Assignment
|_ Take ownership of files or other objects to include only the following accounts or groups:
- Administrators

STIG: Server
2025: https://system32.eventsentry.com/stig/viewer/V-278261
2022: https://system32.eventsentry.com/stig/viewer/V-254512
2019: https://system32.eventsentry.com/stig/viewer/V-205768
2016: https://system32.eventsentry.com/stig/viewer/V-225092

Desktop
W11: https://system32.eventsentry.com/stig/viewer/V-253506
W10: https://system32.eventsentry.com/stig/viewer/V-220983

NIST 800-53 : AC-3, AC-6, CM-6, SI-7
NIST 800-171: 3.1.1, 3.1.2, 3.4.6
CMMC v2.0 L2: AC.L2-3.1.1, AC.L2-3.1.2, CM.L2-3.4.6
PCI-DSS v4.0: 2.2.1, 7.2.1
HIPAA SR : §164.312(a)(1), §164.312(c)(1)
HIPAA HICP : Practice 3 (Identity and Access Management), Practice 4 (Data Protection)



Tags

stig-medium-serverstig-medium-desktopnist800-171-servernist800-171-desktopnist800-53-desktopnist800-53-serverpci-dss-v4-desktoppci-dss-v4-serverhipaa-desktophipaa-servercmmc2-l2-desktopcmmc2-l2-server

Your Privacy Choices

Manage your cookie preferences below:

Helps us improve website performance and understand how visitors use our site.

Allows us to collect feedback about our products and improve them based on your input.

To learn more about our use of cookies, please see our
Privacy Policy.