0

Facts: We are running a Windows 2003 AD environment. I have a server 2003 R2 with it's default admin shares: C$ and D$ Both these shares only have : sharing as Default Share, while Permissions can't be changed (as expected) and it's security settings are for only as the local computer administrator.

On the local computer, I have domain admins as group of administrators.

However, I found that ANY computer that is connected to the network, can access the shares by: \servername\d$ with full access rights - Frightening, but I have no idea why it's like that. There are NO other groups that can access in the security tab.

If I remove the share, as suggested in Importance of default windows shares off-course it can't be accessed. By restarting the server, creates the shares again - and again - any computer that is on the net can access the shares. The computer I am connecting to test, is NOT in the domain, it's a workgroup computer, with a local administrator access.

Where can I start and look for a solution? I need to have this hole fixed.

thanks

Community
  • 1
Saariko
  • 1,791
  • 13
  • 45
  • 73
  • 1
    Silly question, are you using the same administrator password on all your machines? – Nate Mar 18 '12 at 11:21
  • I have changed all local administrators name, and there is NO "Administrator" on a local machine, but yes, they all use the same password. - which led me (off course) to test - so yes, that's the problem. That lead me that if by any chance, any guest will arrive to my network, will have the same admin name, and the same password - he will gain access to the shares (if it's using authenticated users and not domain users) thanks. *make that an answer - you'll get the answered. – Saariko Mar 18 '12 at 11:36

1 Answers1

1

Make sure that you are not using the same Administrator password on all of the machines (note renaming it doesn't matter as it still uses the same SID).

Nate
  • 3,378
  • 14
  • 21
  • I did have the same local admin password for all my machines, the same goes for my Test machine. So, changing the Test machine's password (which simulates how a guest will probably be on my network) actually solved this. thanks – Saariko Mar 18 '12 at 12:07