Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Remotely restricting access to c$ or removing c$

Posted on 2004-10-13
4
Medium Priority
?
260 Views
Last Modified: 2013-12-04
Is there a way remotely, preferably through group policies, to restrict access to the C$ on a computer.  If not, is there a way to remove this all together remotely?  Thanks.
0
Comment
Question by:mmedici1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 96

Expert Comment

by:Lee W, MVP
ID: 12303230
Access is, by default, restricted to administrators of the machine.

More information, as well as instructions from Microsoft on removing them altogether can be found here:
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q314984&sd=tech
0
 

Author Comment

by:mmedici1
ID: 12308063
Two problems with this:
1. The most important is how do I do this remotely
2. When I reboot the share comes back.
0
 
LVL 96

Assisted Solution

by:Lee W, MVP
Lee W, MVP earned 500 total points
ID: 12308851
Read through the whole article I posted.  Specifically, check "Method 2: Deleting default administrative shares for current and later sessions"  - note the last 3 words "and later sessions".

If you want to do this remotely, you should be able to use a GPO login script and the REG command to incorporate a registry file into the system's registry.

Alternatively, you could use PSEXEC from the free PSTOOLS, available at www.sysinternals.com.  PSEXEC can remotely execute commands on other systems (you'll want to run PSEXEC /? to get a full understanding of how to use it).  In addition, refer to REG /? for more information on using that to modify the registry.
0
 
LVL 7

Accepted Solution

by:
Chatable earned 500 total points
ID: 12320377
Allright, here's a detailed explaination on how to remove the default shares (C$, ADMIN$, etc) from a computer REMOTELY.
Before we begin I must point out that these shares are by default restricted to administrators only, and even if you remove them, someone with administrative privilleges can re-create them.
1) Log-on to the target computer using an administrator account. Do this by issuing the command on YOUR computer:
net use /user:[username] \\[target computer]
Where [username] is a user which has administrative privileges on [target computer], which is the remote computer's name.
2) Open the Registry Editor (start->run->regedit.exe)
3) Click "Registry" menu, and select "Connect network Registry"
4) Enter the name of the remote computer, and press enter.
5) A new "folder" will be created for the remote machine's registry.
6) From that folder nagivate to the following key (make sure you're doing this on the remote computer's registry, rather than your own): HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters
7) Create a DWORD value named "AutoShareWks" (no quotes) if the target computer is running a workstation-OS (Windows NT Workstation, Windows 2000 Professional or Windows XP) or named "AutoShareServer" (no quotes) if the target computer is running a server-OS (Windows NT Server, Windows 2000 Server or Windows Server 2003).
8) Set the new value's data to 0.
9) Close the registry-editor.
10) Right click "My Computer" on your desktop and select "Manage"
11) Right click "Computer Management (Local)" and select "Connect to another computer"
12) Enter the remote computer's name in the "Name" textbox.
13) If asked, enter the username/password for the administrative account on the remote computer.
14) Navigate to System Tools -> Shared Folders -> Shares
15) For each default share (EXCEPT IPC$), right click it, and select "Stop Sharing" comfirm the dialog that appears
16) Close the Computer Management window
17) You're done!
0

Featured Post

Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, a new law in my state forced us to get a top-to-bottom analysis of all of our contract client's networks. While we have documentation, it was spotty at best for some - and in any event it needed to be checked against reality. That was m…
The term "Bad USB" is a buzz word that is usually used when talking about attacks on computer systems that involve USB devices. In this article, I will show what possibilities modern windows systems (win8.x and win10) offer to fight these attacks wi…
Add bar graphs to Access queries using Unicode block characters. Graphs appear on every record in the color you want. Give life to numbers. Hopes this gives you ideas on visualizing your data in new ways ~ Create a calculated field in a query: …
Have you created a query with information for a calendar? ... and then, abra-cadabra, the calendar is done?! I am going to show you how to make that happen. Visualize your data!  ... really see it To use the code to create a calendar from a q…
Suggested Courses

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question