Re: Network Shared Files/UNC

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Brian Desmond [MVP] (desmondb_at_payton.cps.k12.il.us)
Date: 09/17/04 

Date: Thu, 16 Sep 2004 22:35:06 -0500

I've seen this before. Easiest thing is to just type the UNC path into
Start>run. 

-- 
-- 
Brian Desmond
Windows Server MVP
desmondb@payton.cps.k12.il.us
http://www.briandesmond.com
"Mark" <anonymous@discussions.microsoft.com> wrote in message
news:019f01c49c22$f7dfb1b0$a501280a@phx.gbl...
> Good Afternoon,
>
> I was just wondering if anyone knew why a user of ours
> gets "access to the resource" + \\servername + "has been
> disallowed." when a user tries to put \\servername in the
> address bar of Internet Explorer 6.0.  I know that it is a
> Group Policy setting and not just permissions to the
> server.  If you could tell me which one it is, I'd
> appreciate it very much.  Thanks.  Also, we have had
> issues regarding our network security.  Below is our
> Deployment:
>
> 1.  One Domain
> 2.  One Domain Controller hosting the one domain
> deployment -- no backup DCs
> 3.  Created a OU named DemoUsers
> 4.  Placed the Demo User within that OU
> 5.  Applied GPO to the OU -- User Section only
> 6.  GPO settings are not inherited from the domain GPO
> 7.  GPO settings are using Very Strict Restrictions
>
> With this deployment, even though the user is prevented
> from navigating to the Network through the Network
> Neighborhood and Windows Explorer, the user is still able
> to navigate within our network and accessing the Shared
> folders of our servers by just running Notepad and going
> to File | Save and entering in \\servername.  Is there a
> way for me to prevent this access using GPOs or is there
> another way of tightening security so that the Servers are
> hidden from this user.  I can just apply security
> permissions on the shared folders on the servers but I
> would like access to the shared folders restricted not
> user explicit.  For example, if a user on that server were
> to share a folder that was important that contained
> his/her personal information in there and did not set
> security permissions to exclude certain users, then the
> demo user can in fact delete that folder or open it.  If
> anyone can help, it would save me a lot of trouble and
> hopefully keep my sanity in check.
>
> Mark

Relevant Pages

  • RE: IE Security Group Policy
    ... username and password to access the Companyweb and the GPO did not apply on ... In the Security filtering of the GPO, please select the user account or ... Step 2: Check the IIS settings on the SBS Server: ...
    (microsoft.public.windows.server.sbs)
  • Re: Setting up a domain
    ... > computer that stands alone and acts as our server. ... Yes a domain can help with improving security but by itself it doesn't mean ... but I'm guessing that's so from the '10 computers') as it can cause ... allow or deny people access to various folders, ...
    (microsoft.public.security)
  • Re: Moved & Deleted Files
    ... share will not go to the recycle bin on the server. ... For Windows 2000 you can enable auditing of object access in the Local ... Security Policy or Domain Controller Security Policy for domain controllers ... and then audit folders for user access. ...
    (microsoft.public.security)
  • Re: Group Policy is now inhibiting the Administrator account
    ... under Group Policy Objects - those are the individual GPOs. ... You can apply any given GPO to one or more OUs, ... I use all of the default security in SBS, ... log on to the server with your own account. ...
    (microsoft.public.windows.server.sbs)
  • RE: Running TS on DC
    ... but create a GPO that will apply to the server: ... Security - Security Zones and Content Ratings ... can force the same settings to all that logs into it. ... services" to enable user account to login to the Dc/terminal server. ...
    (microsoft.public.windows.terminal_services)