Windows
2003 share issue solution
This document has been created to
address the client-server communication issue currently being faced
in the post offices. System Administrator has to follow this to
overcome the issue.
Update the latest security patches on Windows 2003 servers
We have observed that the security
patches are mostly missing from the system. Follow the steps below to
update the security patches.
To update a Critical Operating systems
patches, Please follow below process.
- Check Sufficient free disk space available in C:\ for patch installation
- Open the Internet Explorer Browser
- Click on Tools Option
- Click on Windows Update option
- Select Custom Option for patch selection
- Select Windows 2003 server patches only (.Net patches and IE are optional)
- Installed selected patches
- Restart the Server
- Check the installed patches in ‘Add Remove programs’
Create a user and set complex passwords to all users
It has been observed that most of the
servers are having simple or blank password set for Administrator
user. Create a normal user in Local Active Directory \ User
Management console
- Set Complex password ( Inclusive of minimum 8 character, Special character, numbers and Capital letter) to users created
- Set the complex password of Administrator user
- Remember the password set to all user ID’s
Remove open shares and limit sharing access to restricted users
After installation of OS security
patches and creation of user ID, there is a need to restrict the open
shares.Follow the below steps to restrict the open shares
- Right click on My computer icon present on desktop
- Click on Manage Option
- Expand Shared Folders option
- Click on Shares option
- Go to Security tab
- Go To Advance
- Remove Allow inheritance from the parents
- Remove permission to Everyone and Users group and keep below users in security permission
- SYSTEM
- CREATOR OWNER
- Administrators
- Add new created user in security permission
- Assign a full control new user and click on ‘Apply’ &‘Ok’
- Apply the same security permissions to all Shared folders, Except ‘Sysvol’ & ‘Netlogon’
Map the Shared Folder on client side with restricted user access
After restricting the security
permission on shared folders in server, we need to perform remapping
of these folders for all clients with restricted user access.
Please follow below process to map the
restricted shares at client.
- Open ‘Windows Explorer’ > Go To Tool> Click on ‘Map Network drive’
- Choose a Drive letter and Provide a network path of folder from server
- Check the box ‘Reconnect at Logon’ and Click on ‘Connect using Different user name’
- Provide a user name and password of newly created users (Domainname\username)
- Click on ‘OK’ , ‘Finish’ and check for mapped drive in Windows explorer
- After completion of Drive mapping, Check the application functionality of shared drives (e.g. Speednet, Point of Sale)
No comments:
Post a Comment