Solved

What to do with SYSVOL and NETLOGON in the network view

Posted on 2004-08-20
8
423 Views
Last Modified: 2012-08-14
When user browse to the PDC via "My Network Place" they can browse the SYSVOL and NETLOGON and see its content (seems to be MS default setting when setting up PDC) ... Is this something that should not be happening? Should I hide these directories or apply rights restriction on it? If so .. what kind?
0
Comment
Question by:SC2002Admin
  • 2
  • 2
  • 2
8 Comments
 
LVL 2

Accepted Solution

by:
TASINetwork earned 250 total points
ID: 11851802
Users can only view those shares.  They must be accessible by everyone as the SYSVOL houses GPOs, etc. and NETLOGON houses your logon scripts.  They should be fine as is.
0
 
LVL 51

Expert Comment

by:Netman66
ID: 11851905
Agreed.  SYSVOL and the backward-compatible NETLOGON (which is really just SYSVOL in disguise) are meant to be visible.  Users cannot do anything inside those shares - they have read-only access.

0
 

Author Comment

by:SC2002Admin
ID: 11854703
Is there anyway to make them invisible and yet not interfering with system operation? I would like to make none-user related stuff as transparent as possible.
0
Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

 
LVL 2

Expert Comment

by:TASINetwork
ID: 11854812
I know of no way to hide them without causing problems.  If you lock down those shares any more, you will most likely cause problems.
0
 

Author Comment

by:SC2002Admin
ID: 11862028
Is there a way to keep it invisible to users without causing problems?
0
 
LVL 51

Assisted Solution

by:Netman66
Netman66 earned 250 total points
ID: 11862041
The only thing you could do is use a GPO to disable the ability to browse the network.  This won't prevent anyone from typing in the share at the Run line - \\servername\sysvol - and opening it, but it will prevent the casual browser.

0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
by Batuhan Cetin Within the dynamic life of an IT administrator, we hold many information in our minds like user names, passwords, IDs, phone numbers, incomes, service tags, bills and the order from our wives to buy milk when coming back to home.…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now