Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations bkrike on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Group Policy help

Status
Not open for further replies.
furious5

furious5

MIS
Jan 8, 2003
103
GB
At the moment we are having alot of problems with users being able to browse the network, and save files in any old directory on the server.

Not ideal, but this is something I have inherited.

I have set up login scripts to map to shares, and this seems to have alleviated the problem somewhat.

But I want to be able to tie the server down so that users cannot simply browse the network and connect to the server root.

Anyone got any ideas of how I can achieve this, is it something group policy could easily acheive?
 
Sort by date Sort by votes
Fix rhe right rights in the NTFS (or shared level).
By default in Microsoft, fos shares, everyone is added. Remove everyone, and make your own policy who has rights to access, and what.

Gia Betiu
gia@almondeyes.net
Computer Eng. CNE 4, CNE 5, MCSE Win2K
new: (just started)
 
Upvote 0 Downvote
Erm can you elaborate a bit more, I'm not exactly sure what you are getting at?
 
Upvote 0 Downvote
When you access a share over the network there are 2 levels of perms you have to go through, share level, and ntfs level. Traversing these perms is restrictive meaning it the share perm is set to full control, and the ntfs perm is set to read, you get read perms.

I would leave the share perms at everyone with full control, and lock down the ntfs side. This will get you some level of control over where users put data.

As far as users browsing the network, you can use GPO to set the computer browser service on all the workstations to manual. That might work for ya.
 
Upvote 0 Downvote
Erm I get the concept, I'm just struggling with the references to sharelevel & ntfs level.

Are you referring to the sharing and security of the shared folder, accessed through the properties?

 
Upvote 0 Downvote
Any ideas where to set the computer browser service in the GPO?
 
Upvote 0 Downvote
Look in Computer Config, Windows settings, security settings, systems services. Just make sure this group policy is only applied to users computers, not your servers. Use group memberships to set that.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Abdullah Al Maruf
  • Locked
  • Question
Telnet help for
Replies
2
Views
819
gbaughma
gbaughma
on3mansh0w
  • Locked
  • Question
[HELP] AD GPO not applied unexpectedly
Replies
0
Views
325
on3mansh0w
on3mansh0w
Fireksf
  • Locked
  • Question
Avaya IPOCC not generate Report, Please any body if you a have any idea help me.
Replies
1
Views
362
MarkSweetland
MarkSweetland
rrmcguire
  • Locked
  • Question
group policy to set dns
Replies
2
Views
430
rrmcguire
rrmcguire
phil3000
  • Locked
  • Question
Screensaver Via Group Policy
Replies
1
Views
294
markdmac
markdmac

Part and Inventory Search

Sponsor

Back
Top