Announcement

Collapse
No announcement yet.

Hiding Sysvol and Netlogon shares?

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Hiding Sysvol and Netlogon shares?

    Hi there,

    Is it possible to hide the sysvol and netlogon shares on our windows domain network?

    We have a windows domain on a subnet and another standalone server on the same subnet that will be managed by someone else. I am just carrying out some tests and from the standalone server and they are able to browse the shares and write files to the sysvol share!!

    Is there anyway i can secure these two shares? is it possible to put a $ on the end of the share to hide it?

    Anyone any ideas on what is possible? I don't want to come in one day to find that the domain has gone down because someone has messed up the sysvol share!

    Thanks

  • #2
    Re: Hiding Sysvol and Netlogon shares?

    You can't hide the SYSVOL share because it's required for logging on and also holds the group policies.

    Have you considered configuring auditing on these folders so you can track any changes?

    Comment


    • #3
      Re: Hiding Sysvol and Netlogon shares?

      Check the security permissions -- only the built-in Administrators & System Groups should have full control
      Tom Jones
      MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
      PhD, MSc, FIAP, MIITT
      IT Trainer / Consultant
      Ossian Ltd
      Scotland

      ** Remember to give credit where credit is due and leave reputation points where appropriate **

      Comment


      • #4
        Re: Hiding Sysvol and Netlogon shares?

        I will check the security permissions and look into auditing.

        Is it possible to hide them by adding a $ on the end?

        Comment


        • #5
          Re: Hiding Sysvol and Netlogon shares?

          NO!
          Do not mess with the SYSVOL and NETLOGON shares or your domain WILL cease to function properly!
          Tom Jones
          MCT, MCSE (2000:Security & 2003), MCSA:Security & Messaging, MCDBA, MCDST, MCITP(EA, EMA, SA, EDA, ES, CS), MCTS, MCP, Sec+
          PhD, MSc, FIAP, MIITT
          IT Trainer / Consultant
          Ossian Ltd
          Scotland

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          Comment


          • #6
            Re: Hiding Sysvol and Netlogon shares?

            The seperate server i am trying to access them from use to be part of the domain. It looks like i have the same admin user locally as my domain admin account and possible something to do with cached credentials or something weird with kerbos.

            When I create a new local admin users I cannot see anything and things are fine!

            Comment

            Working...
            X