What to do with SYSVOL and NETLOGON in the network view

When user browse to the PDC via "My Network Place" they can browse the SYSVOL and NETLOGON and see its content (seems to be MS default setting when setting up PDC) ... Is this something that should not be happening? Should I hide these directories or apply rights restriction on it? If so .. what kind?
SC2002AdminAsked:
Who is Participating?
 
TASINetworkConnect With a Mentor Commented:
Users can only view those shares.  They must be accessible by everyone as the SYSVOL houses GPOs, etc. and NETLOGON houses your logon scripts.  They should be fine as is.
0
 
Netman66Commented:
Agreed.  SYSVOL and the backward-compatible NETLOGON (which is really just SYSVOL in disguise) are meant to be visible.  Users cannot do anything inside those shares - they have read-only access.

0
 
SC2002AdminAuthor Commented:
Is there anyway to make them invisible and yet not interfering with system operation? I would like to make none-user related stuff as transparent as possible.
0
Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

 
TASINetworkCommented:
I know of no way to hide them without causing problems.  If you lock down those shares any more, you will most likely cause problems.
0
 
SC2002AdminAuthor Commented:
Is there a way to keep it invisible to users without causing problems?
0
 
Netman66Connect With a Mentor Commented:
The only thing you could do is use a GPO to disable the ability to browse the network.  This won't prevent anyone from typing in the share at the Run line - \\servername\sysvol - and opening it, but it will prevent the casual browser.

0
All Courses

From novice to tech pro — start learning today.