If you can hit the c$ share on the DC without being prompted for a user/pass then the account you're using must be in the Administrators group somehow... sounds like somebody screwed up and nested the wrong group or something.
File permissions to the root of C: are normally wide open (hell, it used to be "Everyone" instead of "Authenticated Users") but the catch is that it doesn't flow down to anything else, only for the root folder. I think that's all accurate... I could be wrong though. -----Original Message----- From: Jon D [mailto:[email protected]] Sent: Monday, December 29, 2008 3:53 PM To: NT System Admin Issues Subject: C$ Permissions on a Domain Controller???? Anyone know what the proper permissions are on the C: drive of a Domain Controller? Are they special or no? I'm doing a security audit and I came across 2 domain controllers that do not require a password to access their C$ share. You can't view the permissions of the share itself, but the permissions on the C drive have authenicated users with full control. That can't be right..... Anyone see anything like that before? Anyone know how dangerous it is to change the permissions(once I determine the correct permissions)? Thanks in advance, Jon . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
