Administrative share

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Administrative shares are hidden network shares created by Windows NT family of operating systems that allow system administrators to have remote access to every disk volume on a network-connected system. These shares may not be permanently deleted but may be disabled. Administrative shares cannot be accessed by users without administrative privileges. Windows XP and later further curtail the use of these shares.

Share names[edit]

Administrative shares are a collection of automatically shared resources including the following:[1]

  • Disk volumes: Every disk volume on the system is shared as an administrative share. The name of these shares consists of the drive letters of shared volume plus a dollar sign ($). For example, a system that has volumes C, D and E has three administrative shares named C$, D$ or E$. (Microsoft Windows is not case sensitive.)
  • OS folder: The folder in which Windows is installed is shared as admin$
  • Fax cache: The folder in which faxed pages and cover pages are cached is shared as fax$
  • IPC shares: This area, which is used for inter-process communication via named pipes and is not part of the file system, is shared as ipc$
  • Printers folder: This virtual folder, which contains object that represent installed printers is shared as print$
  • Domain controller shares: Windows Server family of operating system creates two domain controller-specific shares called sysvol and netlogon which do not have dollar signs ($) appended to their names.[2]

Characteristics[edit]

Administrative shares have the following characteristics:

  1. Hidden: The "$" appended to the end of the share name means that it is a hidden share. Windows will not list such shares among those it defines in typical queries by remote clients to obtain the list of shares. One needs to know the name of an administrative share in order to access it.[1] Not every hidden share is administrative share; in other words, ordinary hidden shares may be created at user's discretion.[1]
  2. Automatically created: Administrative shares are created by Windows, not a network administrator. If deleted, they will be automatically recreated.[2]

Administrative shares are not created by Windows XP Home Edition.[1]

Management[edit]

The administrative shares can be deleted just as any other network share, only to be recreated automatically at the next reboot.[1] It is, however, possible to disable administrative shares.[2]

Disabling administrative shares is not without caveats.[3] Previous Versions for local files, a feature of Windows Vista and Windows 7, requires administrative shares to operate.[4][5]

Restrictions[edit]

Windows XP implements "simple file sharing" (also known as "ForceGuest"), a feature that can be enabled on computers that are not part of a Windows domain.[6] When enabled, it authenticates all incoming access requests to network shares as "Guest", a user account with very limited access rights in Windows. This effectively disables access to administrative shares.[7]

By default, Windows Vista and later use User Account Control (UAC) to enforce security. One of UAC features denies administrative rights to user who access network shares on the local computer over a network, unless the accessing user is registered on a Windows domain. It is possible to disable UAC remote restrictions.[8]

See also[edit]

References[edit]

  1. ^ a b c d e "How to create and delete hidden or administrative shares on client computers". Support. Microsoft. 5 July 2006. Retrieved 22 July 2013. 
  2. ^ a b c "How to remove administrative shares in Windows Server 2008". Support. Microsoft. 29 October 2012. Retrieved 22 July 2013. 
  3. ^ "Overview of problems that may occur when administrative shares are missing". Support. Microsoft. 29 March 2012. Retrieved 22 July 2013. 
  4. ^ Karp, David A. (2010). Windows 7 Annoyances Tips, Secrets, and Solutions. (1st ed. ed.). Sebastopol: O'Reilly Media. p. 607. ISBN 9781449390655. 
  5. ^ Karp, David A. (2008). Windows Vista annoyances (1st ed. ed.). Sebastopol, CA: O'Reilly. p. 507. ISBN 9780596527624. 
  6. ^ "Microsoft Security Advisory (906574): Clarification of Simple File Sharing and ForceGuest". Security TechCenter. Microsoft. 23 August 2005. Retrieved 22 July 2013. 
  7. ^ "How to use the Simple File Sharing feature to share files in Windows XP". Support. Microsoft. 6 March 2013. Retrieved 22 July 2013. 
  8. ^ "Description of User Account Control and remote restrictions in Windows Vista". Support. Microsoft. 23 September 2011. Retrieved 22 July 2013.