Administrative shares

From Wikipedia, the free encyclopedia

Every Windows NT based Microsoft Windows system (NT/2K/XP/2003) automatically creates a network share of every hard drive. These shares will allow anyone with the administrator password access to the root directory of every hard drive on a system. They are not generally used outside of an enterprise environment.

Contents

[edit] Share names

These shares are the drive letter name with a "$" at the end.

For example:

\\NetworkComputerName\(Drive letter)$

In the real world it would look like this:

\\mycomp\c$

That would be the share of the C drive. Substitute the drive letter and it will work with any drive on the machine.

There is also a share of the Windows folder.

\\mycomp\ADMIN$

[edit] How to disable

The shares can be deleted but they will be renewed at the next startup. The easiest way to correct this is through Regedit. If the entry is not there it has to be created.

[edit] Servers

Windows NT 4.0 Server, Windows 2000 Server, Windows Server 2003

Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\LanManServer\Parameters
Name: AutoShareServer
Data Type: REG_DWORD
Value: 0

[edit] Regular workstation

Windows NT 4.0 Workstation, Windows 2000 Professional, Windows XP

Hive: HKEY_LOCAL_MACHINE
Key: SYSTEM\CurrentControlSet\Services\LanManServer\Parameters
Name: AutoShareWks
Data Type: REG_DWORD
Value: 0
In other languages