Solved

Remotely restricting access to c$ or removing c$

Posted on 2004-10-13
4
249 Views
Last Modified: 2013-12-04
Is there a way remotely, preferably through group policies, to restrict access to the C$ on a computer.  If not, is there a way to remove this all together remotely?  Thanks.
0
Comment
Question by:mmedici1
  • 2
4 Comments
 
LVL 95

Expert Comment

by:Lee W, MVP
Comment Utility
Access is, by default, restricted to administrators of the machine.

More information, as well as instructions from Microsoft on removing them altogether can be found here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q314984&sd=tech
0
 

Author Comment

by:mmedici1
Comment Utility
Two problems with this:
1. The most important is how do I do this remotely
2. When I reboot the share comes back.
0
 
LVL 95

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 250 total points
Comment Utility
Read through the whole article I posted.  Specifically, check "Method 2: Deleting default administrative shares for current and later sessions"  - note the last 3 words "and later sessions".

If you want to do this remotely, you should be able to use a GPO login script and the REG command to incorporate a registry file into the system's registry.

Alternatively, you could use PSEXEC from the free PSTOOLS, available at www.sysinternals.com.  PSEXEC can remotely execute commands on other systems (you'll want to run PSEXEC /? to get a full understanding of how to use it).  In addition, refer to REG /? for more information on using that to modify the registry.
0
 
LVL 7

Accepted Solution

by:
Chatable earned 250 total points
Comment Utility
Allright, here's a detailed explaination on how to remove the default shares (C$, ADMIN$, etc) from a computer REMOTELY.
Before we begin I must point out that these shares are by default restricted to administrators only, and even if you remove them, someone with administrative privilleges can re-create them.
1) Log-on to the target computer using an administrator account. Do this by issuing the command on YOUR computer:
net use /user:[username] \\[target computer]
Where [username] is a user which has administrative privileges on [target computer], which is the remote computer's name.
2) Open the Registry Editor (start->run->regedit.exe)
3) Click "Registry" menu, and select "Connect network Registry"
4) Enter the name of the remote computer, and press enter.
5) A new "folder" will be created for the remote machine's registry.
6) From that folder nagivate to the following key (make sure you're doing this on the remote computer's registry, rather than your own): HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
7) Create a DWORD value named "AutoShareWks" (no quotes) if the target computer is running a workstation-OS (Windows NT Workstation, Windows 2000 Professional or Windows XP) or named "AutoShareServer" (no quotes) if the target computer is running a server-OS (Windows NT Server, Windows 2000 Server or Windows Server 2003).
8) Set the new value's data to 0.
9) Close the registry-editor.
10) Right click "My Computer" on your desktop and select "Manage"
11) Right click "Computer Management (Local)" and select "Connect to another computer"
12) Enter the remote computer's name in the "Name" textbox.
13) If asked, enter the username/password for the administrative account on the remote computer.
14) Navigate to System Tools -> Shared Folders -> Shares
15) For each default share (EXCEPT IPC$), right click it, and select "Stop Sharing" comfirm the dialog that appears
16) Close the Computer Management window
17) You're done!
0

Featured Post

IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

Join & Write a Comment

Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
SHARE your personal details only on a NEED to basis. Take CHARGE and SECURE your IDENTITY. How do I then PROTECT myself and stay in charge of my own Personal details (and) - MY own WAY...
Illustrator's Shape Builder tool will let you combine shapes visually and interactively. This video shows the Mac version, but the tool works the same way in Windows. To follow along with this video, you can draw your own shapes or download the file…
This video shows how to remove a single email address from the Outlook 2010 Auto Suggestion memory. NOTE: For Outlook 2016 and 2013 perform the exact same steps. Open a new email: Click the New email button in Outlook. Start typing the address: …

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now