Dear all,
in terms of hardening a RDS server (Server 2008 R2) I'm in dire need of a solution on how to prohibit a user from accessing UNC paths via the Windows Open File Dialogue.
I've searched the internet and came upon several solutions to
- prohibit users from seeing/accessing "My Network" in Windows Explorer via Registry
- prohibit users from mapping network drives and thus accessing the network list via GPO
- prohibit users from adding printers to their sessions and thus accessing the network list via GPO
- prohibit users from accessing local RDS server drives, i.e. C:\, D:\, etc., via GPO
- and a lot of other best practices in terms of hardening a RDS server.
I already disabled the Computer Browser service as well (via GPO). Didn't work. The network list is still accessible via Open File Dialogue, e.g. Notepad, as soon as a users enters \\... something. Is there some kind of caching in place regarding the network
list? A cache that can maybe be deleted somehow?
Any help would be greatly appreciated.
Alex
Alexander Ollischer Diplom-Wirtschaftsinformatiker (FH) Citrix & Microsoft Certified Engineer (CCEA, CCEE, MCSA, MCSE, MCDBA, MCTS) Afontis IT+Services GmbH Baierbrunner Straße 15 81379 München Deutschland Telefon (089) 74 34 55-0 Fax (089) 74 34 55-55 mailto:a.ollischer@afontis.de http://www.afontis.de http://www.itganzeinfach.de Amtsgericht München, HRB 109 005 Geschäftsführer: Thomas Klimmer