[Samba] UNC-Hardening, config via group policy
Stefan G. Weichinger
lists at xunil.at
Thu Feb 11 19:47:45 UTC 2021
I currently try to rollout AV software via a group policy (doesn't
matter, which software).
A group policy sets a logon script, that one looks for a registry key,
and if it isn't there yet it calls a binary.exe from \\somedc\sysvol\
I have a GPO in place for years now that trusts
\\*\SYSVOL
\\*\NETLOGON
as found in some howtos online.
OK, maybe that one never worked ...
But group policies work, so access to these shares works so far.
I added lines matching a specific DC etc ... didn't work.
I tried to store the exe on another share which is reachable via "W:\"
from all clients ... to avoid UNC-path.
Doesn't work.
Do I have to look at these IE-Zone stuff? I have a GPO for that as well,
but have to check.
In general: is there maybe something new to configure with latest
Windows 10 clients?
thanks
More information about the samba
mailing list