Prevent Workgroup Browsing?

Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

Greetings,

I have several WinXPPro SP2 machines I am about to deploy. However, I do
not have a domain controller, hence no Active Directory. My machines are
all part of a workgroup I have created.

Are there Local Security Settings I can configure such that no on else
within my subnet can see/browse my workgroup via My Network Places? I
looked under Local Security Settings\Local Policies\User Rights
Assignment and \Security Options, but nothing popped out as being obvious.

Suggestions?
4 answers Last reply
More about prevent workgroup browsing
  1. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    "bonehead" <sendmenospam@here.net> wrote in message
    news:cu65q8$eh1$1@gondor.sdsu.edu...
    > Greetings,
    >
    > I have several WinXPPro SP2 machines I am about to deploy. However, I do
    > not have a domain controller, hence no Active Directory. My machines are
    > all part of a workgroup I have created.
    >
    > Are there Local Security Settings I can configure such that no on else
    > within my subnet can see/browse my workgroup via My Network Places? I
    > looked under Local Security Settings\Local Policies\User Rights Assignment
    > and \Security Options, but nothing popped out as being obvious.
    >
    > Suggestions?

    On each machine run the following command line

    net config server /Hidden:Yes

    This will prevent the machine appearing in a browse list.
    If you wish to genuinely prevent people accessing the shares on those
    machines then this is just a matter of security.

    --

    Regards,

    Mike
    --
    Mike Brannigan [Microsoft]

    This posting is provided "AS IS" with no warranties, and confers no
    rights

    Please note I cannot respond to e-mailed questions, please use these
    newsgroups

    "bonehead" <sendmenospam@here.net> wrote in message
    news:cu65q8$eh1$1@gondor.sdsu.edu...
    > Greetings,
    >
    > I have several WinXPPro SP2 machines I am about to deploy. However, I do
    > not have a domain controller, hence no Active Directory. My machines are
    > all part of a workgroup I have created.
    >
    > Are there Local Security Settings I can configure such that no on else
    > within my subnet can see/browse my workgroup via My Network Places? I
    > looked under Local Security Settings\Local Policies\User Rights Assignment
    > and \Security Options, but nothing popped out as being obvious.
    >
    > Suggestions?
  2. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Mike Brannigan [MSFT] wrote:

    > On each machine run the following command line
    >
    > net config server /Hidden:Yes

    Thanks for replying. I will go to the MKSB and see if I can find some
    documentation on the net command. In the meantime, I have two additional
    questions.

    1. Will users in my workgroup still be able to see other machines within
    the workgroup, i.e., will I still be able to log on remotely via an
    Admin account (assuming that I've set the local sharing and security
    model to "Classic" (which I've done?) I suppose I can just do a test on
    this...

    2. I presume the way to undo this if I wished would be to go:

    net config server /Hidden:No

    Yes?
  3. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    Mike Brannigan [MSFT] wrote:
    > On each machine run the following command line
    >
    > net config server /Hidden:Yes

    Thanks for replying. I will go to the MKSB and see if I can find some
    documentation on the net command. In the meantime, I have two additional
    questions.

    1. Will users in my workgroup still be able to see other machines within
    the workgroup, i.e., will I still be able to log on remotely via an
    Admin account (assuming that I've set the local sharing and security
    model to "Classic" (which I've done?) I suppose I can just do a test on
    this...

    2. I presume the way to undo this if I wished would be to go:

    net config server /Hidden:No

    Yes?
  4. Archived from groups: microsoft.public.windowsxp.security_admin (More info?)

    "bonehead" <sendmenospam@here.net> wrote in message
    news:420798CD.6020703@here.net...
    > Mike Brannigan [MSFT] wrote:
    >
    >> On each machine run the following command line
    >>
    >> net config server /Hidden:Yes
    >
    > Thanks for replying. I will go to the MKSB and see if I can find some
    > documentation on the net command. In the meantime, I have two additional
    > questions.
    >
    > 1. Will users in my workgroup still be able to see other machines within
    > the workgroup, i.e., will I still be able to log on remotely via an Admin
    > account (assuming that I've set the local sharing and security model to
    > "Classic" (which I've done?) I suppose I can just do a test on this...
    >
    > 2. I presume the way to undo this if I wished would be to go:
    >
    > net config server /Hidden:No
    >
    > Yes?

    If you hide the workstation it is not visible to any one- if you now the
    path of a resources \\server\sharename you can still attach even if you
    can't see it - this command just stops the machine appearing in the browse
    lists.

    Yes the undo of the process is as you have surmised. (you can see all this
    in the online help net config /? and so on.

    --

    Regards,

    Mike
    --
    Mike Brannigan [Microsoft]

    This posting is provided "AS IS" with no warranties, and confers no
    rights

    Please note I cannot respond to e-mailed questions, please use these
    newsgroups

    "bonehead" <sendmenospam@here.net> wrote in message
    news:420798CD.6020703@here.net...
    > Mike Brannigan [MSFT] wrote:
    >
    >> On each machine run the following command line
    >>
    >> net config server /Hidden:Yes
    >
    > Thanks for replying. I will go to the MKSB and see if I can find some
    > documentation on the net command. In the meantime, I have two additional
    > questions.
    >
    > 1. Will users in my workgroup still be able to see other machines within
    > the workgroup, i.e., will I still be able to log on remotely via an Admin
    > account (assuming that I've set the local sharing and security model to
    > "Classic" (which I've done?) I suppose I can just do a test on this...
    >
    > 2. I presume the way to undo this if I wished would be to go:
    >
    > net config server /Hidden:No
    >
    > Yes?
Ask a new question

Read More

Security Active Directory Microsoft Domain Controller Windows XP