Administrative shares are hidden

network share In computing, a shared resource, or network share, is a computer resource made available from one host to other hosts on a computer network. It is a device or piece of information on a computer that can be remotely accessed from another comput ...

s created by

Windows NT Windows NT is a proprietary graphical operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs. Time-sharing operating systems sc ...

family of

operating system An operating system (OS) is system software that manages computer hardware, software resources, and provides common services for computer programs. Time-sharing operating systems schedule tasks for efficient use of the system and may also in ...

s that allow

system administrator A system administrator, or sysadmin, or admin is a person who is responsible for the upkeep, configuration, and reliable operation of computer systems, especially multi-user computers, such as servers. The system administrator seeks to ensu ...

s to have remote access to every disk volume on a network-connected system. These shares may not be permanently deleted but may be disabled. Administrative shares cannot be accessed by users without administrative privileges.

Share names

Administrative shares are a collection of automatically shared resources including the following: * Disk volumes: Every disk volume on the system is shared as an administrative share. The name of these shares consists of the drive letters of shared volume plus a dollar sign ($). For example, a system that has volumes C, D and E has three administrative shares named C$, D$ and E$. (

NetBIOS NetBIOS () is an acronym for Network Basic Input/Output System. It provides services related to the session layer of the OSI model allowing applications on separate computers to communicate over a local area network. As strictly an API, NetB ...

is not case sensitive.) * OS folder: The folder in which Windows is installed is shared as admin$ * Fax cache: The folder in which faxed pages and cover pages are cached is shared as fax$ * IPC shares: This area, which is used for

inter-process communication In computer science, inter-process communication or interprocess communication (IPC) refers specifically to the mechanisms an operating system provides to allow the processes to manage shared data. Typically, applications can use IPC, categori ...

via

named pipes In computing, a named pipe (also known as a FIFO for its behavior) is an extension to the traditional pipe concept on Unix and Unix-like systems, and is one of the methods of inter-process communication (IPC). The concept is also found in OS/2 an ...

and is not part of the

file system In computing, file system or filesystem (often abbreviated to fs) is a method and data structure that the operating system uses to control how data is stored and retrieved. Without a file system, data placed in a storage medium would be one larg ...

, is shared as ipc$ * Printers folder: This virtual folder, which contains objects that represent installed printers is shared as print$ *

Domain controller A domain controller (DC) is a server computer that responds to security authentication requests within a computer network domain. It is a network server that is responsible for allowing host access to domain resources. It authenticates users, store ...

Windows Server Windows Server (formerly Windows NT Server) is a group of operating systems (OS) for servers that Microsoft has been developing since July 27, 1993. The first OS that was released for this platform was Windows NT 3.1 Advanced Server. With the r ...

family of operating system creates two domain controller-specific shares called sysvol and netlogon which do not have dollar signs ($) appended to their names.

Characteristics

Administrative shares have the following characteristics: # Hidden: The " $" appended to the end of the share name means that it is a hidden share. Windows will not list such shares among those it defines in typical queries by remote clients to obtain the list of shares. One needs to know the name of an administrative share in order to access it. Not every hidden share is an administrative share; in other words, ordinary hidden shares may be created at user's discretion. # Automatically created: Administrative shares are created by Windows, not a network administrator. If deleted, they will be automatically recreated. Administrative shares are not created by

Windows XP Home Edition Windows XP, which is the next version of Windows NT after Windows 2000 and the successor to the consumer-oriented Windows Me, has been released in several editions since its original release in 2001. Windows XP is available in many languages. In ...

Management

The administrative shares can be deleted just as any other network share, only to be recreated automatically at the next reboot. It is, however, possible to disable administrative shares. Disabling administrative shares is not without caveats. Previous Versions for local files, a feature of

Windows Vista Windows Vista is a major release of the Windows NT operating system developed by Microsoft. It was the direct successor to Windows XP, which was released five years before, at the time being the longest time span between successive releases of ...

and

Windows 7 Windows 7 is a major release of the Windows NT operating system developed by Microsoft. It was released to manufacturing on July 22, 2009, and became generally available on October 22, 2009. It is the successor to Windows Vista, released nearly ...

, requires administrative shares to operate.

Restrictions

Windows XP Windows XP is a major release of Microsoft's Windows NT operating system. It was released to manufacturing on August 24, 2001, and later to retail on October 25, 2001. It is a direct upgrade to its predecessors, Windows 2000 for high-end and ...

implements "simple file sharing" (also known as "ForceGuest"), a feature that can be enabled on computers that are not part of a Windows domain. When enabled, it authenticates all incoming access requests to network shares as "Guest", a

user account A user is a person who utilizes a computer or network service. A user often has a user account and is identified to the system by a username (or user name). Other terms for username include login name, screenname (or screen name), accoun ...

with very limited access rights in Windows. This effectively disables access to administrative shares. By default,

and later use

User Account Control User Account Control (UAC) is a mandatory access control enforcement feature introduced with Microsoft's Windows Vista and Windows Server 2008 operating systems, with a more relaxed

(UAC) to enforce security. One of UAC's features denies administrative rights to a user who accesses network shares on the local computer over a network, unless the accessing user is registered on a

Windows domain A Windows domain is a form of a computer network in which all user accounts, computers, printers and other Principal (computer security), security principals, are registered with a central database located on one or more clusters of central compu ...

or using the built in Administrator account. If not in a

it is possible to allow administrative share access to all accounts with administrative permissions by adding th
LocalAccountTokenFilterPolicy value
to the registry.

References

{{DEFAULTSORT:Administrative Share Microsoft server technology Data security Windows communication and services

Share names

Characteristics

Management

Restrictions

See also

References