SYSVOL Sharing across network concern

pts.
Tags:
Compliance
CRM
DataCenter
Disaster Recovery
Policies
Risk management
Security
Security management
Security Program Management
Tech support
Good morning to all. First off, let me thank everyone for their past help and support I have received from this search2000 group. I have a concern about a folder being shared across my network called SYSVOL. I know it is related to the Domain controller and maybe for scripts that have been added. In regards to SYSVOL, is it safe to have this shared across the network? Does it have to be shared where any user surfing the network can view it? I'm using Win2003 Server Enterprise, and have a two servers sharing active directory as PDC and BDC. Thanks again. Edwin

Answer Wiki

Thanks. We'll let you know when a new response is added.

Yes SYSVOL needs to be shared. Essentially it holds any logon scripts, or Group Policies defined for the domain, and needs to be accessible by logon process on client PC’s.
It is reasonably well protected, as long as you don’t try and change default permissions on it.
If you don’t use Group Policies, or logon scripts, you could hide it further, but there would be no point, as there wouldn’t be anything there to see anyway.

Discuss This Question: 1  Reply

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
  • Amigus
    In addition, if you're concerned about who can access it keep in mind that it's only "Authenticated Users." If you're want to limit the entities that can be in that group try tightening your policies for being able to authenticate or join to the domain. Simply not including anonymous users in the Everyone group (one registry setting) will prevent any rouge entities from accessing this (and almost all other) shares.
    0 pointsBadges:
    report

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Thanks! We'll email you when relevant content is added and updated.

Following