We help IT Professionals succeed at work.

Sysvol, Netlogon folders

Hi there,
Running windows server 2008 R2 domain.  Any user can type \\servername\ and gets visible sysvol, Netlogon folders, though they cannot change anything but I need to make myself sure if it is even safe for the domain controller to show these folders openly?
How can I make them more secure so that only domain admins would be able to see these folders?  Help plz.
Under permissions I found everyone given read permissions.  Is it default?
Comment
Watch Question

Blogger and wearer of all hats.
Commented:
This is default - don't worry - not a security issue (as long as you don't store passwords - plain text admin stuff - etc in there).
Will SzymkowskiSenior Solution Architect
Most Valuable Expert 2015
Top Expert 2015
Commented:
Users need to be able to Read, List folder contents and Read+Execute the Sysvol and Netlogon shares. These permissions are set this way so that users can get policies scripts etc from these Shares. DO NOT modify these permissions or you could possibly break something.

Will.
amanzoorNetwork infrastructure Admin

Author

Commented:
Thanks guys.  Appreciate your time.