Vulnerability V-254396

This applies to domain controllers. It is NA for other systems. Run "Regedit". Navigate to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters". Note the directory locations in the values for "DSA Database file". Open "Command Prompt". Enter "net share". Note the logical drive(s) or file system partition for any organization-created data shares. Ignore system shares (e.g., NETLOGON, SYSVOL, and administrative shares ending in $). User shares that are hidden (ending with $) must not be ignored. If user shares are located on the same logical partition as the directory server data files, this is a finding.

Move shares used to store files owned by users to a different logical partition than the directory server data files.