Prevent Workgroup Browsing?

Greetings,

I have several WinXPPro SP2 machines I am about to deploy. However, I do
not have a domain controller, hence no Active Directory. My machines are
all part of a workgroup I have created.

Are there Local Security Settings I can configure such that no on else
within my subnet can see/browse my workgroup via My Network Places? I
looked under Local Security Settings\Local Policies\User Rights
Assignment and \Security Options, but nothing popped out as being obvious.

Suggestions?

"bonehead" <sendmenospam@here.net> wrote in message
news:cu65q8$eh1$1@gondor.sdsu.edu...
> Greetings,
>
> I have several WinXPPro SP2 machines I am about to deploy. However, I do
> not have a domain controller, hence no Active Directory. My machines are
> all part of a workgroup I have created.
>
> Are there Local Security Settings I can configure such that no on else
> within my subnet can see/browse my workgroup via My Network Places? I
> looked under Local Security Settings\Local Policies\User Rights Assignment
> and \Security Options, but nothing popped out as being obvious.
>
> Suggestions?

On each machine run the following command line

net config server /Hidden:Yes

This will prevent the machine appearing in a browse list.
If you wish to genuinely prevent people accessing the shares on those
machines then this is just a matter of security.

--

Regards,

Mike
--
Mike Brannigan [Microsoft]

This posting is provided "AS IS" with no warranties, and confers no
rights

Please note I cannot respond to e-mailed questions, please use these
newsgroups

"bonehead" <sendmenospam@here.net> wrote in message
news:cu65q8$eh1$1@gondor.sdsu.edu...
> Greetings,
>
> I have several WinXPPro SP2 machines I am about to deploy. However, I do
> not have a domain controller, hence no Active Directory. My machines are
> all part of a workgroup I have created.
>
> Are there Local Security Settings I can configure such that no on else
> within my subnet can see/browse my workgroup via My Network Places? I
> looked under Local Security Settings\Local Policies\User Rights Assignment
> and \Security Options, but nothing popped out as being obvious.
>
> Suggestions?

Mike Brannigan [MSFT] wrote:

> On each machine run the following command line
>
> net config server /Hidden:Yes

Thanks for replying. I will go to the MKSB and see if I can find some
documentation on the net command. In the meantime, I have two additional
questions.

1. Will users in my workgroup still be able to see other machines within
the workgroup, i.e., will I still be able to log on remotely via an
Admin account (assuming that I've set the local sharing and security
model to "Classic" (which I've done?) I suppose I can just do a test on
this...

2. I presume the way to undo this if I wished would be to go:

net config server /Hidden:No

Yes?

Mike Brannigan [MSFT] wrote:
> On each machine run the following command line
>
> net config server /Hidden:Yes

Thanks for replying. I will go to the MKSB and see if I can find some
documentation on the net command. In the meantime, I have two additional
questions.

1. Will users in my workgroup still be able to see other machines within
the workgroup, i.e., will I still be able to log on remotely via an
Admin account (assuming that I've set the local sharing and security
model to "Classic" (which I've done?) I suppose I can just do a test on
this...

2. I presume the way to undo this if I wished would be to go:

net config server /Hidden:No

Yes?

"bonehead" <sendmenospam@here.net> wrote in message
news:420798CD.6020703@here.net...
> Mike Brannigan [MSFT] wrote:
>
>> On each machine run the following command line
>>
>> net config server /Hidden:Yes
>
> Thanks for replying. I will go to the MKSB and see if I can find some
> documentation on the net command. In the meantime, I have two additional
> questions.
>
> 1. Will users in my workgroup still be able to see other machines within
> the workgroup, i.e., will I still be able to log on remotely via an Admin
> account (assuming that I've set the local sharing and security model to
> "Classic" (which I've done?) I suppose I can just do a test on this...
>
> 2. I presume the way to undo this if I wished would be to go:
>
> net config server /Hidden:No
>
> Yes?

If you hide the workstation it is not visible to any one- if you now the
path of a resources \\server\sharename you can still attach even if you
can't see it - this command just stops the machine appearing in the browse
lists.

Yes the undo of the process is as you have surmised. (you can see all this
in the online help net config /? and so on.

--

Regards,

Mike
--
Mike Brannigan [Microsoft]

This posting is provided "AS IS" with no warranties, and confers no
rights

Please note I cannot respond to e-mailed questions, please use these
newsgroups

"bonehead" <sendmenospam@here.net> wrote in message
news:420798CD.6020703@here.net...
> Mike Brannigan [MSFT] wrote:
>
>> On each machine run the following command line
>>
>> net config server /Hidden:Yes
>
> Thanks for replying. I will go to the MKSB and see if I can find some
> documentation on the net command. In the meantime, I have two additional
> questions.
>
> 1. Will users in my workgroup still be able to see other machines within
> the workgroup, i.e., will I still be able to log on remotely via an Admin
> account (assuming that I've set the local sharing and security model to
> "Classic" (which I've done?) I suppose I can just do a test on this...
>
> 2. I presume the way to undo this if I wished would be to go:
>
> net config server /Hidden:No
>
> Yes?