GPO hide drive C


In this tutorial, we’ll see how to hide drive C using Group Policy (GPO).

This GPO is often used to hide drives on RDS farms.

Hiding the reader does not prevent access, it is possible to access the reader by the browser directly entering his address.

If you want to apply the GPO to posts / servers that are in a particular OU, you will need to set up a callback loop.


1. Open the Group Policy Management console, right-click on OR 1 where the policy should be applied and click Create GPO in this domain, and link it here … 2.
Nouvelle stratégie pour masquer le lecteur

2. Name strategy 1 and click OK 2.
Nommer la stratégie

3. Right click on Strategy 1 and click on Edit 2.
Modifier la stratégie

4. Go to the User Configuration / Policies / Administrative Templates / Windows Components / File Explorer path, click In My Computer, hide these specified drives 1.
Aller au parametre

5. Activate GPO 1, select combination 2 and click Apply 3 then OK 4.
Choisir la combinaison

6. The parameter is now Enabled 1, close the editor.
Fermer éditeur de stratégie

7. Overview of the GPO:
Résume de la stratégie

8. Log on to an extension where the policy applies and verify that drive C is hidden.
Lecteur C masqué


The problem is that the policy is applied to everyone, even administrators, we will see how to prevent the application for Domain Admins.

1. From the Group Policy Management Console, go to the Policy and Delegation tab 1 and click Advanced 2.
Paramétré de délégation

2. Select Domain Admins 1 and check box 2 to deny the policy application. Then click Apply 3 and OK 4.
Refuser la GPO

With this change, the policy will no longer be applied to the domain Admin.

Related Posts

How to install and configure WSUS on Windows Server
Windows Server Update Service (WSUS) is a built-in role in Windows Server, which enables the implementation of a Microsoft Updates distribution system internally. The benefits of WSUS: Monitoring the deployment of updates Reduced internet bandwidth U

GPO: disable access to previous versions
Introduction In this tutorial, I'll explain how to disable access to previous versions by GPO from client computers. Although convenient, this feature in case of user error can do some damage. As a reminder, in normal operation, access to previous ve

Enterprise CA: Installation and Configuration with Windows Server
In this tutorial, I will explain how to set up an enterprise CA that is linked to an Active Directory, unlike the stand-alone CA. This type of CA allows you to automate certificate generation with direct submission to the CA. Automatically issue comp

Leave a Comment