Re: \\domainname.com\SYSVOL\ is not browseable

From: David Lewis (user_at_microsoft.com)
Date: 02/01/05

Next message: WooYing: "DNS on BDC"
Previous message: Herb Martin: "Re: No Reverse Lookup"
In reply to: Kevin D. Goodknecht Sr. [MVP]: "Re: \\domainname.com\SYSVOL\ is not browseable"
Next in thread: Kevin D. Goodknecht Sr. [MVP]: "Re: \\domainname.com\SYSVOL\ is not browseable"
Reply: Kevin D. Goodknecht Sr. [MVP]: "Re: \\domainname.com\SYSVOL\ is not browseable"
Messages sorted by: [ date ] [ thread ]

Date: Mon, 31 Jan 2005 19:16:06 -0800

C:\WINDOWS\SYSVOL has
Administrators > Full Control
Authenticated Users > Read & Execute
Creator Owner > none (allow & deny not checked)
Server Operators > Read & Execute
System > Full Control

Domain users not listed. I will add it right now

On the SYSVOL share the share permissions are
Administrators > Full Control
Authenticated Users > Full Control
Everyone > Read

I went to add domain users to the security settings and I get an alert
You are about to change the permission settings on system folders, which can result in unexpected access problems and
reduce security. Do you want to continue?

Not going to do that right now. What should I do?

"Kevin D. Goodknecht Sr. [MVP]" <admin@nospam.WFTX.US>
|>In news:2e2lv0luir45lq70l9brouofe5a1mnem77@4ax.com,
|>David Lewis <user@microsoft.com> commented
|>Then Kevin replied below:
|>> Ok still not working but am getting a new error
|>>
|>> Windows cannot access the file gpt.ini for GPO
|>>
|>cn={533A8AE8-F017-4067-AF9A-3FEFAC227BFE},cn=policies,cn=system,DC=wwarch,DC
|>=com.
|>> The file must be present at the
|>> location
|>>
|><\\wwarch.com\SysVol\wwarch.com\Policies\{533A8AE8-F017-4067-AF9A-3FEFAC227B
|>FE}\gpt.ini>.
|>> (Access is denied. ).
|>> Group Policy processing aborted.
|>>
|>> Access is denied?
|>>
|>> I can do a dir of \\wwarch.com\SysVol\
|>
|>During your problems you had did you change permissions on the directory?
|>Administrators and System-Full Access; Authenticated Users and Domain\Users-
|>Read & Execute.

Next message: WooYing: "DNS on BDC"
Previous message: Herb Martin: "Re: No Reverse Lookup"
In reply to: Kevin D. Goodknecht Sr. [MVP]: "Re: \\domainname.com\SYSVOL\ is not browseable"
Next in thread: Kevin D. Goodknecht Sr. [MVP]: "Re: \\domainname.com\SYSVOL\ is not browseable"
Reply: Kevin D. Goodknecht Sr. [MVP]: "Re: \\domainname.com\SYSVOL\ is not browseable"
Messages sorted by: [ date ] [ thread ]

Relevant Pages

Re: Restricting Certain Binaries - Steve?
... ntfs/share permissions, eliminating unnecessary services, etc. ... administrators group from the "access this computer from the network" user right ... I don't know exactly how an attacker or worm gets system control. ... > execute any of these binaries from my desktop. ...
(microsoft.public.win2000.security)
Re: Restricting access on TS 2000
... C:\ - System & Administrators, Authenticated Users ... Authenticated Users (Read & Execute) ... >> NTFS Permissions and set this program as the session ...
(microsoft.public.windows.terminal_services)
Re: What Would Deactivate Hosts File?
... Administrators: Full Control ... The file is owned by the administrators group. ... Authenticated Users is more permissive than Users alone. ... HOSTS file functionality won't work. ...
(microsoft.public.windows.server.networking)
RE: ERROR?: Service Control Manager 3221229584
... This may be due to permissions on the DTC files. ... Administrators - Full Control ... Authenticated Users - Read & Execute, ...
(microsoft.public.windows.server.sbs)
Re: SBS Standard WSUS looking for SQL
... Administrators - Full Control ... Authenticated Users - Read & Execute ... I changed Authenticated Users to Full Control and ##SSEE started ...
(microsoft.public.windows.server.sbs)