One solution may be to accept the situation and abandon your attempt
to connect via C$. You could try remote desktop instead. I say this
not because the challenge is too difficult, but because the default is the securest configuration for remote
user account control (UAC). Once you enable these hidden admin$
shares then your machine can be attacked by hackers.
Indeed, that is why Microsoft removed this capability, even though it
was popular with XP and Windows 98 users.
If you really must find a solution to the Windows 8 'Access is denied'
message then try leaving the Homegroup.
If that does not work then Launch Regedit and adjust Remote User
Account Control (UAC) settings.
Use Regedit to Create LocalAccountTokenFilterPolicy Value
Type Regedit in the Search dialog box, best right-click the executable and
'Run as administrator'.
Once Regedit launches navigate to this path:
HKLM\SOFTWARE\Microsoft\Windows
CurrentVersion\Policies\System (See screenshot below)
Once you are at this folder in the registry: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System
Recommended: Solarwinds' Permissions Analyzer - Free Active Directory Tool
I like the
Permissions Analyzer because it enables me to see WHO has permissions
to do WHAT at a glance. When you launch this tool it analyzes a users effective NTFS
permissions for a specific file or folder, and takes into account network share
access, then displays the results in a nifty desktop dashboard!
Think of all the frustration that this free SolarWinds utility saves when you are
troubleshooting authorization problems for user's access to a resource.
Give this permissions monitor a try - it's free!
The text book says create a new DWORD value called
LocalAccountTokenFilterPolicy
What I did was create a QWORD (64-bit) called
LocalAccountTokenFilterPolicy, that worked for me when the DWORD would not
allow access to my 64-bit machine.
In either case, set the value to numeric 1 (meaning on), remember to click
OK.
Mostly, the LocalAccountTokenFilterPolicy value gets created before you
have a chance to set the data value; no problem, just double-click and modify the data from 0 to 1.
Firewall: While I made the connection with the firewall
ON. If you cannot get this LocalAccountTokenFilterPolicy registry hack
to work try adding File and Printer Sharing to the firewall's Allowed
Programs.
The Default Remote Security Situation in Windows 8 and Windows 7
Even if a user is a member of the local administrators group on the
remote target, by default, they cannot connect as a full administrator. The
user has no elevation potential on the remote computer; thus if the user
wants to administer the workstation with a Security Account Manager (SAM)
account, it's best to logon using Remote Desktop. However, as discussed
above, you could try creating LocalAccountTokenFilterPolicy.
Guy Recommends: A Free Trial of the Network Performance Monitor
(NPM)
SolarWinds'
Orion performance monitor
will help you discover what's happening on your network. This
utility will also guide you through troubleshooting; the dashboard will
indicate whether the root cause is a broken link, faulty equipment or
resource overload.
Perhaps the NPM's best feature is the way it suggests solutions to network
problems. Its
second best feature is the ability to monitor the health of individual VMware
virtual machines. If you are interested in troubleshooting, and creating
network maps, then I recommend that you try NPM now.
Microsoft client operating systems from Windows 95 to XP came with built-in hidden
shares such as C$, ADMIN$ and IPC$. Actually, such hidden shares are
more commonly used on servers, and are still present on Windows Server 2008
R2.
The purpose of these hidden shares is for administrators, or those in the know, to
connect to another machine. Take the scenario where a user at MachineA
knows the administrator's password on MachineB, they could view the files on
the other computer by calling for the 'Run', or 'Search' dialog box and
typing:
\\ machineb\c$
At this point they would probably get a request for username and password.
The $ dollar sign means that these network shares never show in the
Explorer, indeed I know of administrators who created extra hidden shares
simply by appended a regular share with a dollar sign, for example a
folder called 'Stuff' shared with Stuff$, or even a folder called Stuff
shared as Secret$ if you wanted a modicum of security.
Admin$ This hidden share corresponded to the Windows
folder, or to be precise, the %Systemroot% folder, thus normally Admin$
would be a hidden share on the C:\Windows folder.
IPC$ The interprocess connect share is used by processes
that need to communicate with a client using named pipes, for example domain
controllers processing group policies; hence at least some $ shares are
still present on the latest Windows servers.
DriveLetter$ As each drive letter is born on a server, (or XP)
so the operating system creates the corresponding hidden share, for example D$, E$ and F$. It's often handy to
connect to the root of a drive when you're not sure of the precise whereabouts
of a file you need from a remote machine.
Guy Recommends: SolarWinds Engineer's Toolset v10
This
Engineer's Toolset v10 provides a comprehensive console of 50 utilities
for troubleshooting computer problems. Guy says it helps me
monitor what's occurring on the network, and each tool teaches me more about how the
underlying system operates.
There are so many good gadgets; it's like having free rein of a
sweetshop. Thankfully the utilities are displayed logically: monitoring,
network discovery, diagnostic, and Cisco tools. Try the SolarWinds Engineer's Toolset now!
The Downfall of Hidden$ Administrative Shares in Windows 8
In a nutshell, hackers and robot computer attacks exploited these
hidden shares, forcing Microsoft to take the ruthless approach and disable
Windows 8 Administrative shares by default. Actually, this about-turn
for built-in share accessibility started with Vista and continued with
Windows 7, but at first few people seemed to notice.
Summary of Windows 8 Admin Shares
For security reasons shares such as Admin$ or C$ are no longer created by
default on Windows 8 client machines. While there are work-arounds
they are fiddly, thus a better solution may be Remote Desktop Connection.
If you like this page then please share it with your friends
Guy Recommends: SolarWinds SAM
(Server & Application Monitor)
SAM is an interesting utility for inspecting services and processes on servers such as SQL or
Exchange. Take stock of your resources, or set a baseline.
