The default (NOS-less) installatiion of Scalability Server adds policy "Network access: Shares that can be accessed anonymously"
Article ID: 403807
Updated On:
Products
Issue/Introduction
The default (NOS-less) scalability server install adds the values SDLIBRARY$ and SDMSLIB to the Local Security Policy "Network access: Shares that can be accessed anonymously".
The commands "sd_sscmd removeshare SDLIBRARY" and "sd_sscmd removeshare MSILIB" to disable the shared folders still keeps the Local Security Policies.
Environment
Client Automation - All versions
Resolution
By design the Scalability Server installation creates the Local Security Policy "Network access: Shares that can be accessed anonymously > SDLIBRARY$,SDMSLIB" by default as it's a requirement when the shares is needed to be activated by the command "sd_sscmd addshare".
Special share/security permissions are required on these folders for package deployments and MSI network installs to function correctly.
The security policy setting "Network access: Shares that can be accessed anonymously > SDLIBRARY$,SDMSLIB" is not changed by the "sd_sscmd removeshare ..." because if somehow the shared folder needs to be enabled using the option addshare, then that required policy is already available.
Additional Information
To change that local security settings to remove the embedded network share path:
1. Run secpol.msc from the command prompt.
The Local Security Settings window appears.
2. Navigate to Security Settings, Local Policies, Security Options.
A list of security settings appears in the right pane.
3. Double-click the Network access: Shares that can be accessed anonymously setting.
The Network access: Shares that can be accessed anonymously dialog appears.
4. Clean the names of the shared folders SDLIBRARY$,SDMSLIB in the Local Policy setting tab, and click OK.
Feedback
