J
Jim Florence
Hello,
I'm 90% of the way through an AD design for a school and have hit a
stumbling block with security.
We need to stop the children being able to browse the network and active
directory in one fail swoop and I'm looking for pointers on the best way to
do this.
I know I can modify the security for AD objects and remove view access for
everyone and authenticated users but this also seems to cause problems with
group policy applied at lower levels.
We have a legacy NT4 domain that is also browsable and even though we are
confident that even thought they can see the shares and not access them, I'd
sleep better knowing they could see nothing at all.
We handle all directory and print mappings through login scripts so we can
tie down browsing completely.
Many thanks
Jim Florence
I'm 90% of the way through an AD design for a school and have hit a
stumbling block with security.
We need to stop the children being able to browse the network and active
directory in one fail swoop and I'm looking for pointers on the best way to
do this.
I know I can modify the security for AD objects and remove view access for
everyone and authenticated users but this also seems to cause problems with
group policy applied at lower levels.
We have a legacy NT4 domain that is also browsable and even though we are
confident that even thought they can see the shares and not access them, I'd
sleep better knowing they could see nothing at all.
We handle all directory and print mappings through login scripts so we can
tie down browsing completely.
Many thanks
Jim Florence