Click here to get back home

Netlogon /Sysvol
 HomeNewsGroups | Search | About
Login Password
Register Now!
 microsoft.public.windows.server.security    Post an article   get this group's latest topics as an RSS feed add this group's latest topics to your My MSN content add this group's latest topics to your My Yahoo content
Subject Author Date
Netlogon /Sysvol Leo_Surf 01-28-2006
`--> Re: Netlogon /Sysvol Roger Abell [MV...01-29-2006
Posted by Leo_Surf on January 28, 2006, 8:39 am
Please log in for more thread options
 Hello,

I have Windows 2000 server (Domain Controller) and Windows XP clients.

I have certain policies and logon scripts in Sysvol/Netlogon folder, issue
is users are able to browse (by \mydomain.com) the sysvol and netlogon
folders adn can see the scripts. Please help me in sorting this out.

Thanks in Advance,
Leo

Posted by Robert Moir on January 28, 2006, 12:33 pm
Please log in for more thread options
 Leo_Surf wrote:
> Hello,
>
> I have Windows 2000 server (Domain Controller) and Windows XP clients.
>
> I have certain policies and logon scripts in Sysvol/Netlogon folder,
> issue is users are able to browse (by \mydomain.com) the sysvol and
> netlogon folders adn can see the scripts. Please help me in sorting
> this out.

I'm not sure what there is to sort out. Assuming by "see" you mean they have
the read right, this is correct behaviour; if a user's account could not
read the script it could not execute it.



Posted by Steven L Umbach on January 29, 2006, 12:33 pm
Please log in for more thread options
If you can consider using "startup" scripts where possible. Then the user
does not need to read the script but domain computers will which you can put
into the permissions for the script file and remove authenticated users.
Startup scripts run in context of the system but can not always do user
specific tasks. --- Steve


> Hello,
>
> I have Windows 2000 server (Domain Controller) and Windows XP clients.
>
> I have certain policies and logon scripts in Sysvol/Netlogon folder, issue
> is users are able to browse (by \mydomain.com) the sysvol and netlogon
> folders adn can see the scripts. Please help me in sorting this out.
>
> Thanks in Advance,
> Leo



Posted by Roger Abell [MVP] on January 29, 2006, 2:49 pm
Please log in for more thread options
If the login scripts are wsh hosted (i.e. vbs) then the scripting encoder
can obsfucate them so that at least the most lazy or computer illiterate
cannot read them.

> Hello,
>
> I have Windows 2000 server (Domain Controller) and Windows XP clients.
>
> I have certain policies and logon scripts in Sysvol/Netlogon folder, issue
> is users are able to browse (by \mydomain.com) the sysvol and netlogon
> folders adn can see the scripts. Please help me in sorting this out.
>
> Thanks in Advance,
> Leo



Similar ThreadsPosted
Permissions on SYSVOL Directory November 13, 2005, 6:20 pm
SYSVOL security - catch 22? December 11, 2007, 5:10 pm

Our other projects:

Art Dolls, Fairies and Mermaids - Sunnyfaces.net

Roy's Linux, Programming and Search Engines messages

1-Script XML SitemapXML Sitemap