2

In an enterprise environment, you usually have several locked down Windows servers (either Windows servers/Terminal server directly, or through Citrix) where the user is logged in directly into a full window application.

There are several escape techniques from such environments, but when you have an open/save dialog, is there any way to restrict the users ability to access \127.0.0.1\c$ from such System dialogs?

invictus
  • 135
  • 1
  • 10
  • Related question on SU: 2012-12-10, [*Group Policy: Block access to \\localhost\C$*](https://superuser.com/questions/517592/group-policy-block-access-to-localhost-c). Also somewhat related: Citrix CTP/Microsoft MVP [Helge Klein blogged about changing permissions on default shares in general](https://helgeklein.com/blog/2010/12/qa-how-to-modify-permissions-on-administrative-shares/). Outcome: they are not like regular shares. – StackzOfZtuff Apr 18 '16 at 10:55

1 Answers1

3

when you say c$ you are talking about a hidden share, your users must be in the local admins group. if they are not administrators then take them out of that group

Sum1sAdmin
  • 1,914
  • 1
  • 11
  • 20