SYSVol

[NYR]

Hello all,

Question about the SYSVOL share on a DC W2K adv. server. Anyone had any luck on hiding that share from users? Are there any drawbacks or something I should be aware of before I hide it?
Also, to hide it, should I just choose "new share" from the menu of that folder and "$sysvol" from there, or is there something else to do as well.
Thanks

 

[GlenJohnson]

Microsoft doesn't recomend using the $. That's meant for system files only and are hard coded by them. I haven't found a good way to hide files. Why do you want to hide it? Can't you just go to the properties page and de-select list folder contents? Glen A. Johnson
Microsoft Certified Professional
gjohn76351@msn.com
"An investment in knowledge pays the best interest."
Benjamin Franklin (1706 - 1790), US statesman, diplomat, inventor.

 

[NYR]

I just don't want any yahoo trying to delete it while browsing the shares for that DC. I figure hiding it would be a better way of preventing that then messin with the permissions and such. I will look at the permissions a bit closer to see what the rights are exactly.
I am not familar with the solution you suggested. Where do I find this option?
I guess if I can be certain through the folder permissions that no one can delete it, I would be happy.

 

[GlenJohnson]

Go to the properties on the folder and under security, de-select list folder contents. The folder will show as empty. Glen A. Johnson
Microsoft Certified Professional
gjohn76351@msn.com
"An investment in knowledge pays the best interest."
Benjamin Franklin (1706 - 1790), US statesman, diplomat, inventor.

 

[FilthPig]

If you don't want people to delete it remove write access. Marc Creviere

 

[ServingSize1can]

Using windows 2000 sharing security would probably be your best bet. Just hiding it does provide much security. The sysvol directory is common on w2k machines. Anyone that has installed w2k server knows about sysvol.

Adam

 

[GlenJohnson]

I knew a gent that had no security on a database, but everybody thought it was the tightest thing on earth because he told them it was secure, and didn't let them know where it was on the network. Security by dis-information. Out of 250 users, I only know of 4 people who discovered it. (I was the first.) Of course, this was on a Novell server. Since I'm porting everything off of Novell and we're going pure w2k network, I've already gotten the security tightened down much more than what it was. Glen A. Johnson
Microsoft Certified Professional
gjohn76351@msn.com
"Whatever creativity is, it is in part a solution to a problem."
Brian Aldiss (b. 1925); British science fiction writer.

 

[Guest_imported]

If you are using GPO's (Group Policies) then this mught be a problem. If you have configured your GPO's under Computer Settings as opposed to User Settings you will be allset. But if it is the other way around, and you restrict rights in anyways, you will have trouble running your GPO's, as this is where all of your GPO info is housed


On the other hand, if you configure these GPO's to run under Computer settings, they will run pre login, and run under the context of the computer account not the user account which you would have restricted. Then this will work fine.

Forget all of this if you are not running GPO's