Solved

How to stop sharing the D drive?

Posted on 2008-10-09
7
1,558 Views
Last Modified: 2012-05-05
If I select the D drive properties and want to stop sharing the drive but...
a message appears as if I would have clicked on the C drive.

"This share was created for administrator purposes only. The share will reappear when the Server service is stopped and restarted or the computer is rebooted."

But I don't want to share the D drive. That isn't a system drive.
How can I stop sharing the D drive for good?
0
Comment
Question by:didier20
7 Comments
 
LVL 70

Expert Comment

by:KCTS
Comment Utility
By default ALL hard drives are shared to administrators with the C$, D$ etc names. If you want to disable this see http://www.petri.co.il/disable_administrative_shares.htm
0
 

Author Comment

by:didier20
Comment Utility
I created the registry key discribed in the link and it stopped the sharing from C and D drive.
I think there's no possibility to stop share the D drive only.
0
 
LVL 23

Expert Comment

by:DanCh99
Comment Utility
What are you trying to achieve here? - there may be a different way to do it...  

Even though D$ is shared to Admins as KCTS says, you may be able to add a 2nd level of more explicit permissions to exclude some connections.  
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 70

Expert Comment

by:KCTS
Comment Utility
Why are you trying to stop admin shares - only admins can use them - so as long as your users are not admins there is no issue (if your users are admins - then you have bigger issues than this to deal with)
0
 

Author Comment

by:didier20
Comment Utility
We're a big company and here are 5 administrators who'd map my D drive and browse among my files.

On the D drive I have my personal files, not all but many, and I don't want my colleagues to open them.
0
 
LVL 70

Accepted Solution

by:
KCTS earned 100 total points
Comment Utility
If they are admins then they can get around this  - do there is little point in what you are attempting. If you want to prevent access to your files create an encrypted folder and store you files in that (don't forget to export the encryption key for safety - its best to keep a copy of the key to recover your encrypted documents in an emergency).

If you encrypt files then only yourself, anyone else you decide to add, and the Data Recovery Agent, if its a domain, can access your files even if they have the necessary NTFS and share permissions
0
 
LVL 1

Expert Comment

by:hackpin
Comment Utility
Here's a quick solution ... I hope it works


FOR Servers
----------------------------------------------
For NT 4.0/W2K/Windows Server 2003s, the change is:

Hive: HKEY_LOCAL_MACHINE Key: SYSTEM\CurrentControlSet\Services\LanManServer\Parameters Name: AutoShareServer Data Type: REG_DWORD Value: 0
Idiot proof note: If you can't find the value in the registry under the exact location (i.e. it does not exist) - please right click in the right pane of the window and create it.

Note: A reboot is necessary for this to take effect.

FOR Workstations

For NT 4.0 Workstation/W2K Pro/XP Pro, the change is:

Hive: HKEY_LOCAL_MACHINE Key: SYSTEM\CurrentControlSet\Services\LanManServer\Parameters Name: AutoShareWks Data Type: REG_DWORD Value: 0
A double idiot proof note:  If you can't find the value in the registry under the exact location (i.e. it does not exist) - please right click in the right pane of the window and create it.

Note: Again, a reboot is necessary for this to take effect. If you want the administrative shares to be re-created, you can change the value back to 1.

Note: Some applications depend on the presence of these shares. If things stop working you'll know to re-enable the shares.
 Security note: Unfortunately this registry hack does NOT stop the IPC$ share and this is a share that is often used by hackers to enumerate systems before attack since it can yield a wealth of information about your system names, your user names, and more. If your ACL permissions are not correct or you haven't disabled anonymous user access or you haven't disabled the guest account then this port can lead to total system compromise within minutes!

Thanks


0

Featured Post

Free Trending Threat Insights Every Day

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Ok I have been working on this for some time having learned and gained certification in XenDesktop 4 along came version 5 which was released last month. Since then I have been working to deploy XenDesktop 5 in a small environment with only 2 virt…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup". After a while, you have entered a loop for Auto repair which does not fix anything and you will be in a  panic as all your work w…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video discusses moving either the default database or any database to a new volume.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now