Friday, July 17, 2015


Windows 2003 share issue solution
This document has been created to address the client-server communication issue currently being faced in the post offices. System Administrator has to follow this to overcome the issue.
  1. Update the latest security patches on Windows 2003 servers

We have observed that the security patches are mostly missing from the system. Follow the steps below to update the security patches.
To update a Critical Operating systems patches, Please follow below process.
  1. Check Sufficient free disk space available in C:\ for patch installation
  2. Open the Internet Explorer Browser
  3. Click on Tools Option
  4. Click on Windows Update option
  1. Select Custom Option for patch selection
  2. Select Windows 2003 server patches only (.Net patches and IE are optional)
  1. Installed selected patches
  2. Restart the Server
  3. Check the installed patches in ‘Add Remove programs’
  1. Create a user and set complex passwords to all users

It has been observed that most of the servers are having simple or blank password set for Administrator user. Create a normal user in Local Active Directory \ User Management console
  1. Set Complex password ( Inclusive of minimum 8 character, Special character, numbers and Capital letter) to users created
  2. Set the complex password of Administrator user
  3. Remember the password set to all user ID’s
  1. Remove open shares and limit sharing access to restricted users

After installation of OS security patches and creation of user ID, there is a need to restrict the open shares.Follow the below steps to restrict the open shares
  1. Right click on My computer icon present on desktop
  2. Click on Manage Option
  3. Expand Shared Folders option
  4. Click on Shares option
  5. Go to Security tab
  6. Go To Advance
  1. Remove Allow inheritance from the parents
  1. Remove permission to Everyone and Users group and keep below users in security permission
    1. SYSTEM
    2. CREATOR OWNER
    3. Administrators
  1. Add new created user in security permission
  1. Assign a full control new user and click on ‘Apply’ &‘Ok’
  1. Apply the same security permissions to all Shared folders, Except ‘Sysvol’ & ‘Netlogon’
  1. Map the Shared Folder on client side with restricted user access

After restricting the security permission on shared folders in server, we need to perform remapping of these folders for all clients with restricted user access.
Please follow below process to map the restricted shares at client.
  1. Open ‘Windows Explorer’ > Go To Tool> Click on ‘Map Network drive’
  2. Choose a Drive letter and Provide a network path of folder from server
  3. Check the box ‘Reconnect at Logon’ and Click on ‘Connect using Different user name’
  1. Provide a user name and password of newly created users (Domainname\username)
  1. Click on ‘OK’ , ‘Finish’ and check for mapped drive in Windows explorer
  1. After completion of Drive mapping, Check the application functionality of shared drives (e.g. Speednet, Point of Sale)

No comments:

Post a Comment