Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
December 4, 2003
The Authenticated Users group should only have Read share-level permission for the SYSVOL share.
Even though the underlying NTFS permissions on the %SystemRoot%SysvolSysvol folder DO NOT allow an Authenticated Users to write or change anything, if the ACL was accidentally changed, members of the Authenticated Users could have write or Full Control permissions on the SYSVOL folders and files.
To correct this problem:
1. Use Windows Explorer, or My Computer, to browse to %SystemRoot%SysvolSysvol.
2. Right-click the folder and press Sharing and Security.
3. Press Permissions.
4. Select Authenticated Users.
5. Clear the Full Control and Change boxes in the Allow column.
6. Press OK and OK.
You May Also Like