ZLucas
asked on
Shared Domain folders, everyone has access.
First off, i did not set up the domain at my company. I just have a question about file security. We have about 10 servers, (one at each location) that we use for different software, and as domain controllers. We also have shared files on each server for stuff that we need to install on clients. The problem is, anyone who had domain user rigts on the domain, can get into these shares if they know the svr name or ip. Since i use "run" to access them, alot of times they just just click run and can see the history. This hasent been a problem, but we are seeing some questionable files showing up on our servers. Our fear is that it could be used as a file dump.
How can we add a simple password to these directories, so that when i we try and get access to these particular files, it will ask for a password?
The trick is that some software uses shared files on these servers, these apps need FULL access to the directories. Should I just make those particular folders hidden?
Thanks!
How can we add a simple password to these directories, so that when i we try and get access to these particular files, it will ask for a password?
The trick is that some software uses shared files on these servers, these apps need FULL access to the directories. Should I just make those particular folders hidden?
Thanks!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
As you have mentioned Domain Controllers, I'm assuming the basic Windows NT Domain.
The questions that spring into my mind are:
Users what rights do they have? Are they local administrators, or power users? How or why do they have the rights to install software?
What operating System are your clients? Widows 98/me or a Windows NT 2000 or XP?
Why does each user account need full acces to the apps, why don't you use the administraor account to install the software, and restrict the user accounts to read only access of the folders?
What sort of number of clients are there in total or per site?
I think that you will need to tighten up your security, particularly if you are starting to see unknown files on your domain Controllers. They could delete your applications that you are trying to protect.
Do you have a policy in place with regards the use of computers and domain cotrollers?
Do you have auditing enabled to find out which user is creating these files?
Dave
The questions that spring into my mind are:
Users what rights do they have? Are they local administrators, or power users? How or why do they have the rights to install software?
What operating System are your clients? Widows 98/me or a Windows NT 2000 or XP?
Why does each user account need full acces to the apps, why don't you use the administraor account to install the software, and restrict the user accounts to read only access of the folders?
What sort of number of clients are there in total or per site?
I think that you will need to tighten up your security, particularly if you are starting to see unknown files on your domain Controllers. They could delete your applications that you are trying to protect.
Do you have a policy in place with regards the use of computers and domain cotrollers?
Do you have auditing enabled to find out which user is creating these files?
Dave
On the shares right click, select properties, sharing
in win xp click permisions and put a password
in 98 put a password in the password field
in win xp click permisions and put a password
in 98 put a password in the password field
Setting up share and NTFS permissions can get very tricky. I would suggest you make a representation of your directory structure and who you want to have access to it and post it. We can probably help more with that info.