服务器 Gind.cn
  1. 服务器 Gind.cn
  3. 删除地址栏或从Windows资源pipe理器隐藏其内容 – Windows Server 2008 R2
Intereting Posts
301redirect,规范问题 在php上安装libv8 ec2-consistent-snapshot mongodb – mongod.lock文件 Unix用户和组服务器pipe理解决scheme 在一台服务器上托pipe多个袜子代理 MySQL启动服务 find域中的所有IISnetworking服务器? 分别提取networking接口的ip,mask和gateway Sendmail – IP可能是伪造的 RDP和pinging工作正常,但其他应用程序无法连接 将具体权限委托给AD上的服务台 解谜:开启https时显示php代码 nginx如何有一个try_files的dynamic顺序 Windows 10中的环境variables工具可以直接启动吗? 监听多个端口只适用于本地主机,但不适用于服务器的外部IP

删除地址栏或从Windows资源pipe理器隐藏其内容 – Windows Server 2008 R2

我目前正试图find一个GPO或registry编辑,可以从Windows资源pipe理器中删除地址栏或防止栏显示完整的UNCpath。 当前环境对C:\驱动器以及networking共享有完全的限制。 但是,我能find的唯一的“安全漏洞”是用户可以完全访问其他用户的漫游configuration文件。 也就是说,如果他们足够聪明,可以使用环境variables浏览到他们的个人资料文件夹,并因此显示共享的完整UNCpath。 如果情况变得更糟,我总是可以启用下面的GPO条目,但启用它只会产生大量的pipe理员头痛问题,因为即使启用了Add the Administrator security Group to roaming user profiles时,策略也会剥夺inheritance权限 

 User Config>Policies>Windows Settings>Folder Redirection>Documents>Options Grant user exclusive rights to Documents

我也尝试了以下registry修改没有运气

 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Explorer] "ITBar7Layout"=hex:11,00,00,00,4c,00,00,00,00,00,00,00,34,00,00,00,19,00,00,00,\ 40,00,00,00,01,00,00,00,20,07,00,00,a0,0f,00,00,05,00,00,00,62,05,00,00,26,\ 00,00,00,02,00,00,00,21,07,00,00,a0,0f,00,00,04,00,00,00,29,05,00,00,a0,0f,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser] "ITBar7Layout"=hex:11,00,00,00,4c,00,00,00,00,00,00,00,34,00,00,00,19,00,00,00,\ 40,00,00,00,01,00,00,00,20,07,00,00,a0,0f,00,00,05,00,00,00,62,05,00,00,26,\ 00,00,00,02,00,00,00,21,07,00,00,a0,0f,00,00,04,00,00,00,29,05,00,00,a0,0f,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,\ 00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00,00

任何其他build议在做什么将不胜感激。 -谢谢

既然你已经知道你应该使用… 

 User Config>Policies>Windows Settings>Folder Redirection>Documents>Options > Grant user exclusive rights to Documents

…那么你唯一的select是正确的,因此可能会创build一些pipe理/pipe理头痛,或继续尝试find方法来隐藏UNCpath 。 没有什么,我现在就让你进去,但你可以继续尝试。

另一个你试图隐藏UNC时没有想到的问题是,用户也可以通过File> Save As来启用UNCpath。 我相信除了这里提到的两个以外,还有更多的方法,但是刚才find了我,我知道你不能把它藏在那里。 他们被devise为被看见。

我真的很抱歉,如果这种情况匆匆而过,但你已经知道你的问题的答案我害怕。

@RHQ – 你对NathanC关于权限的评论是不正确的。 我已经使用了漫游configuration文件10年,并且从未授权通过身份validation的用户组访问漫游configuration文件共享。 这是应该如何configuration权限: http : //technet.microsoft.com/en-us/library/cc737633(v=ws.10).aspx

以下是我的环境的两个屏幕截图。 首先是一个屏幕截图,显示了我的用户组对根文件夹的有效权限。 第二个是我的漫游configuration文件夹的屏幕截图。 你会看到我的用户组(Customers)或Authenticated Users组都没有我的漫游configuration文件文件夹的任何权限。 只有我的用户帐户,系统和pipe理员有权限。

在这里输入图像说明

在这里输入图像说明