Results 1 to 5 of 5
  1. #1
    New Lounger
    Join Date
    Feb 2005
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Securing the File Open Dialog (Office 2000/XP/2003)

    Okay this issue really is driving me nuts.
    I am trying to secure an educational network. All the client PCs are running Windows 2000 or Windows XP. The client machines have a combination of Office 2000 , Office XP and Office 2003 installed.
    With all versions of Office I am able to enter a unc such as myserversysvol in the common file dialog box. I have used group policy to disable this fuctionality in windows explorer. But with Office using its own shell enviroment this does not secure Office.
    This seems like it must be a common issue , but after extensive research I still cannot find a solution.
    If anyone knows a fix for this problem please enlighten me !

  2. #2
    Plutonium Lounger
    Join Date
    Dec 2000
    Location
    Sacramento, California, USA
    Posts
    16,775
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Securing the File Open Dialog (Office 2000/XP/2003)

    Isn't that something you would normally do at the server rather than in Office? They can type in anything they want, but if they have no permissions to go there, what purpose is served?
    Charlotte

  3. #3
    New Lounger
    Join Date
    Feb 2005
    Posts
    2
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Securing the File Open Dialog (Office 2000/XP/2003)

    SYSVOL and NETLOGON are by default read only to authenticated users. I would not want to modify these shares as the logon process would no longer function. But by using a unc such as myservernetlogon a user can still drill down and run scripts that are contained here. Group policy allows you to control the explorer shell to stop this , but of course the shell that Office uses is totally independent.
    If there are any recommended share / file permisions that can be configured on the server side then Im happy to try. Microsofts knowledge base talks about hiding share sBUT convienently does not address the issue of NETLOGON and SYSVOL. Of course the other issue is that even if the share is hidden and the end user knows it exists (NETLOGON SYSVOL) they can still be accessed through Office.

  4. #4
    Platinum Lounger
    Join Date
    Nov 2001
    Location
    Vienna, Wien, Austria
    Posts
    5,009
    Thanks
    0
    Thanked 0 Times in 0 Posts

    Re: Securing the File Open Dialog (Office 2000/XP/

    To me this seems to be really an issue for the Servers Board. On that basis, I am moving this thread over, as there are experts there who seldom visit the General Office Solutions Board. HTH
    Gre

  5. #5
    Administrator
    Join Date
    Mar 2001
    Location
    St Louis, Missouri, USA
    Posts
    23,329
    Thanks
    5
    Thanked 1,014 Times in 889 Posts

    Re: Securing the File Open Dialog (Office 2000/XP/2003)

    Have you checked out the policy templates available with the Resource Kits for the various Office releases? Here's the starting point: Microsoft Office Online: Office Resource Kit Home Page

    Joe
    Joe

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •