We all know that sharing a folder on a server opens up an entry point to that server. Even if the share for the folder is hidden (by adding a $ to the share name), nearly anyone on the network can discover the share. Being notified when a share is created on a server gives you the opportunity to ensure the share is legitimate. If it’s not, you can take immediate action to remove the share and close up the insecure setting.

So we are clear, here is the situation that we are trying to resolve. First, a folder is shared from a server. Figure 1 illustrates how this is accomplished.

Figure 1. Folder sharing interface for Windows server.

Now that the folder is shared, it will show up when that server is referenced in nearly any interface. For example if a user just types \\servername in a web browser the resulting shared folders will appear. Another example is when a user types \\servername\ in the Start bar search or desktop search, as shown in Figure 2.

Figure 2. Available shared folders appear automatically during a search of a server.

At this point, there is now a new entry point into the server, but no one is aware of the new shared folder except for the person who created it. If the share is needed, there is really no issue. However, if the share is not needed and opens up access to the server needlessly, it is an issue.

Instead of taking the chance and not being made aware of each and every share, ADAudit Plus can send an alert when new shares are created. Figure 3 illustrates what the alert would look like for when the share above is created.

Figure 3. ADAudit Plus sends an alert when a new share is created.

There are many options available for the alerts that are configured and sent out. For example, the machines being monitored can be both servers or workstations, the alert can be from attention to critical, only specified machines can be monitored, etc.

Now you have a way to track all newly created shared folders on your Windows servers and workstations. If you want to start tracking your own newly created shared folders, download ADAudit Plus today here.

This site uses Akismet to reduce spam. Learn how your comment data is processed.