Solved

To share or not to share that is the question?

Posted on 2007-04-10
2
956 Views
Last Modified: 2013-11-15
Need to  tighten up the shared folders on our Exchange Server.  I have looked most of them up and found the discription of some but not all of them.  I have found out that it would be harmful to unshare some of them but not why it would be harmful.  This is a multipart question and I will award points to whomever answers most of it.  Please be as in detail and descriptive as possible (Please pardon my english it's not my mother tounge)

Server Discription:
Win Server 2003 SP2
Exchange 6.5.7
Symantec Mail Secutity for exchange 4.5
Symantec Client Security 10.0.2

Shared Folders

Shared Folder #1   Address -  Address contains folders Ccmail, Gwise MS, Notes, SMTP, X400. Each folder contains 1 i386 folder that contains a .dll file of the smae name such as ccmail.dll  
What purpose does the address shared folder have, can it be unshared, and what consequences will happen if I unshare it?

Shared Folder #2 Exchange.Log - This folder contains message tracking logs going back almost 2 years. There is almost 2 gigs of worthless log files that I will never use.
What purpose does the Exchange.Log shared folder have, can I delete the log files,  can it be unshared, and what consequences will happen if I unshare it?

Shared Folder #3 SYSVOL - I have seen time and time again that this is a critical system share that partners with NetLogon shared folder.  I have no Idea what it is for?? What purpose does the SYSVOL shared folder have,can it be unshared, and what consequences will happen if I unshare it?

Shared Folder #4 NETLOGON - Again  another critical system share that partners with the SYSVOL shared folder. What purpose does the NETLOGON shared folder have,can it be unshared, and what consequences will happen if I unshare it?

Shared Folder #5 VPHOME - Seems to be pointing to the location of my SAV install folder. What purpose does the VPHOME shared folder have,  can it be unshared, and what consequences will happen if I unshare it?  Basically  if I unshare it will it disable anything related to my antivirus or my mail scanning.

Shared Folder #5 VPLOGON - Has some Symantec LOGON.BAT & GRC.DAT files in it.. What purpose does the VLOGON  shared folder have, what is the GRC.DAT file,,  can it be unshared, and what consequences will happen if I unshare it?  Basically  if I unshare it will it disable anything related to my antivirus or my mail scanning.




0
Comment
Question by:NDCsupport
2 Comments
 
LVL 39

Accepted Solution

by:
redseatechnologies earned 500 total points
ID: 18882196
I wouldn't change a single one of those, besides the fact that they will all reshare themselves anyway, you will cause all kinds of issues if you mess with it.

I would be focussing more on what the permissions are, than what is being shared.

1, Address, not sure what that does, it must be integrated with exchange, but I am sure google holds the answers (great answer from me there, but bear with me)
2, Exchange.log, I imagine this could be unshared without the world ending, but once again, why?  If you want to clear the tracking logs out, go for your life - a good time rule is 14-60 days depending on your needs.  2 years is just a waste of space.
3, sysvol, now you are getting dangerous.  Sysvol -> http://support.microsoft.com/kb/324175 <- the domain information for public access.  DONT TOUCH IT
4, netlogon, same as 3, don't mess with it - this has the logon scripts for one, but also FRS and other domain sensitive information
5, vphome, this is how you push an installation to a client from the server - could be unshared, but why bother?
6, vplogon, could be a symantec logon script directory, or at least something called by the logon scripts - unsharing it would probably would not end the world, but then again, it is symantec (and therefore, delicate)

In short, you are going about this wrong - having a heap of default shares there is not a problem - by default your users will not be able to do anything in there anyway.  A combination of mapped drives and correct NTFS permissions should be all you really need to keep users of a small network out of trouble

-red
0
 
LVL 104

Expert Comment

by:Sembee
ID: 18882655
If you remove the server.log share then message tracking stops working.
Change the options on the properties of the server to store less of them, but I would still retain them as they are great for solving arguments about whether an email was delivered or not.

Otherwise what he said above... <grin>

Simon.
0

Featured Post

Why You Should Analyze Threat Actor TTPs

After years of analyzing threat actor behavior, it’s become clear that at any given time there are specific tactics, techniques, and procedures (TTPs) that are particularly prevalent. By analyzing and understanding these TTPs, you can dramatically enhance your security program.

Join & Write a Comment

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this Micro Video tutorial you will learn the basics about Database Availability Groups and How to configure one using a live Exchange Server Environment. The video tutorial explains the basics of the Exchange server Database Availability grou…
Viewers will learn how to use the Hootsuite Dashboard.

708 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now