Hey.
So I've now become more comfortable with Linux (CentOS) then I have with Windows... Guess I just haven't worked with it enough to get comfortable again.

Anyways, here is the question. Did an install of SBS. Exchange and AD work great, no problems there. However when I look at the shares, there are a lot of shares on the server that are open to Authenticated users:

Address "Access to address objects"
<servername>.log "Exchange message tracking logs"
ClientApps "Windows Small Business Server Client Applications"
clients "Windows Small Business Serbver Client Setup"
DLOAgent "Symantec DLO Share" <-- from Symantec Backup Exec
faxclient "Microsoft Shared Fax Clients"
NETLOGON "Logon server share"
SYSVOL "Logon server share"
Users "Users Shared Folders"
Users Backup Folder Symantec DLO Share" <-- from Symantec Backup Exec

That seems like a lot of stuff that doesn't need to be seen by the user. Specially SYSVOL, NETLOGON, <servername>.log.

Can I get rid of some of these shares or lock them down so the users can't seem them...Haven't worked with SBS before and wondering how to make sure this is nice and secure.

Thanks.

Found this on another forum.

http://itknowledgeexchange.techtarget.com/itanswers/hide-netlogonsysvol-folder/

Basically it says to leave the two folders NETLOGON and SYSVOL alone, as theyre needed the way they are to allow the DC and other services to do their thing.

Not too sure about the logs though.

Open doesn't mean the users can molest them. Example...try to edit something in the netlogon directory as a standard user.