When a workstation accesses a domain, if the local administrator password is same as the domain administrator's password, the user can access the SYSVOL folder.
To prevent this, change the Security policy on the workstation by setting the LAN Manager authentication level to NTLMv2 instead of the default level of NTLMv1. For more information on security settings and editing security settings, refer to Network security: LAN Manager authentication level.