Administrative share

Last updated

Administrative shares are hidden network shares created by the Windows NT family of operating systems that allow system administrators to have remote access to every disk volume on a network-connected system. These shares may not be permanently deleted but may be disabled. Administrative shares cannot be accessed by users without administrative privileges.

Contents

Share names

Administrative shares are a collection of automatically shared resources including the following: [1]

Characteristics

Administrative shares have the following characteristics:

  1. They are hidden. The "$" appended to the end of the share name means that it is a hidden share. Windows will not enumerate them among those it defines in response to typical queries by remote clients to obtain the list of shares. One needs to know the name of an administrative share in order to access it. [1] Not every hidden share is an administrative share nor is the reverse true; in other words, ordinary hidden shares may be created at the user's discretion. [1]
  2. They are automatically created by Windows, not a network administrator, and if deleted they will be automatically re-created. [2]

Administrative shares are not created by Windows XP Home Edition. [1]

Management

Administrative shares can be deleted in the same manner as any other network share, however they will be recreated automatically during the next boot cycle. [1] To prevent access to them permanently, it is necessary to disable, rather than delete them. [2]

Disabling administrative shares is not without caveats, though. [3] Previous Versions for local files, a feature of Windows Vista and Windows 7 before being rebranded as File History in Windows 8 and beyond, requires administrative shares in order to function properly. [4] [5]

Restrictions

Windows XP implements "simple file sharing" (also known as "ForceGuest"), a feature that can be enabled on computers that are not part of a Windows domain. [6] When enabled, it authenticates all incoming access requests to network shares as "Guest", a user account with very limited access rights in Windows. This effectively disables access to administrative shares. [7]

By default, Windows Vista and later use User Account Control (UAC) to enforce security. One of UAC's features denies administrative rights to a user who accesses network shares on the local computer over a network, unless the accessing user is registered on a Windows domain or using the built in Administrator account. If not in a Windows domain it is possible to allow administrative share access to all accounts with administrative permissions by adding the LocalAccountTokenFilterPolicy value to the registry. [8]

See also

References

  1. 1 2 3 4 5 "Managing Administrative Shares (Admin$, IPC$, C$) on Windows". Windows OS Hub. March 15, 2024. Archived from the original on February 22, 2021. Retrieved March 7, 2025.
  2. 1 2 3 Liang, Han; Xu, Simonx (January 15, 2025). "How to remove administrative shares in Windows". Microsoft Learn . Redmond, Washington: Microsoft. Archived from the original on December 7, 2024. Retrieved March 7, 2025.
  3. Liang, Han; Xu, Simonx; Ainapure, Kaushik; Li, Anna (January 15, 2025). "Overview of problems that may occur when administrative shares are missing". Microsoft Learn . Redmond, Washington: Microsoft. Archived from the original on September 30, 2022. Retrieved March 7, 2025.
  4. Karp, David A. (2010-06-08). Windows 7 Annoyances: Tips, Secrets, and Solutions (1st ed.). Sebastopol, California: O'Reilly Media. p. 607. ISBN   978-0-596-15762-3.
  5. Karp, David A. (2008-01-22). Windows Vista Annoyances: Tips, Secrets, and Hacks for the Cranky Consumer (1st ed.). Sebastopol, California: O'Reilly Media. p. 507. ISBN   978-0-596-52762-4.
  6. Qinglin, Gao; Dressman, Matthew (October 14, 2022). "Microsoft Security Advisory 906574: Clarification of Simple File Sharing and ForceGuest". Microsoft Learn . Redmond, Washington: Microsoft. Archived from the original on July 25, 2024. Retrieved March 7, 2025.
  7. Karp, David A. (April 18, 2006). Fixing Windows XP Annoyances: How to Fix the Most Annoying Things About the Windows OS (1st ed.). Sebastopol, California: O'Reilly Media. p. 55. ISBN   978-0-596-10053-7. Archived from the original on March 7, 2025. Retrieved March 7, 2025.
  8. Liang, Han; Xu, Simonx; Straessner, C. (January 15, 2025). "Error when you try to access an administrative share on a Windows-based computer from another Windows-based computer that's a member of a workgroup: Logon unsuccessful: Windows is unable to log you on". Microsoft Learn . Redmond, Washington: Microsoft. Archived from the original on September 20, 2022. Retrieved March 7, 2025.