[2008-R2] Hide network icon

-Tyrael- Posted messages 103 Status Member -  
Thorak83 Posted messages 1140 Status Member -
Hello,

I have a server 2008-R2 that serves RDWeb/TSE for clients. I want to hide (and/or prevent access to) the network icon that appears in File Explorer for these users. So via a GPO applied to a group of users.

I found this:
Open Registry
Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\NonEnum
Create a DWORD value: {F02C1A0D-BE21-4350-88B0-7367FC96EF3C}
Enter the value:
00000001 to hide the Network in Windows Explorer
00000000 to show the Network in Windows Explorer

The problem is that this is a MACHINE policy, so it applies to the machine (and thus all users) and not to a specific person only.

So I am looking for another solution.

Ultimately I only want to display (and grant access to) in the left pane of Explorer only Library > Documents and Computer > the client drives (mounted automatically)

The part about drives is already done (very easy)

Configuration: Windows XP / Chrome 29.0.1547.62

5 answers

  1. Thorak83 Posted messages 1140 Status Member 156
     
    Hello,

    Do you have an Active Directory?

    Best regards
    0
  2. -Tyrael- Posted messages 103 Status Member 10
     
    Yes, the AD is on the same server.
    0
    1. Thorak83 Posted messages 1140 Status Member 156
       
      it's quite simple.
      Forget the registry (it's pretty odd to go through it, but oh well)
      - Open Group Policy Management (GPO)
      - Within your domain, create an OU (right-click the domain - new organizational unit)
      - give a name to this OU, move the users into this OU (those you want to apply a GPO to)
      - Then right-click the OU - Create a GPO in this domain and link it here
      - give a name to your GPO
      - right-click the GPO and modify
      - go to the "User Configuration" section
      - search for your setting and disable it

      Normally when these people reconnect the GPO will apply
      0
  3. -Tyrael- Posted messages 103 Status Member 10
     
    That’s exactly the parameter I can’t find :/
    I found the one to prevent display and access to the server disk but not to the network icon
    0
    1. Thorak83 Posted messages 1140 Status Member 156
       
      I found interesting things in User Configuration / Policy / Administrative Template / Windows Components / File Explorer / Windows Explorer /
      0
    2. Thorak83 Posted messages 1140 Status Member 156
       
      there is also User Configuration / Policy / Administration model / desktop
      0
  4. -Tyrael- Posted messages 103 Status Member 10
     
    Yes, that's exactly where I was looking.
    I also searched through all the settings, applying a "network" filter, but nothing...
    All the sites I consulted while searching on Google lead me to the registry key.
    0
    1. -Tyrael- Posted messages 103 Status Member 10
       
      Same for the desktop room I’ve already hidden the network location icon but that doesn’t seem to be the parameter either
      0
    2. Thorak83 Posted messages 1140 Status Member 156
       
      Are you sure the GPO is really applying to these users?
      0
    3. Thorak83 Posted messages 1140 Status Member 156
       
      Do a test first.
      If you enable "Hide and disable all desktop elements" in User Configuration / Administrative Templates / Desktop

      log on to the server and run gpupdate /force from the command line
      0
    4. -Tyrael- Posted messages 103 Status Member 10
       
      Indeed, since this GPO itself blocks the display and access to the C: drive on the server, which works.
      0
    5. Thorak83 Posted messages 1140 Status Member 156
       
      a small question, do you want to mask/block the network neighborhood, or block access to the network
      0
  5. -Tyrael- Posted messages 103 Status Member 10
     
    The goal is to block network access.
    In fact, clients access an application that generates PDF files (among other things). I want to give clients the option to use "Save As" and save it either
    in Libraries > Documents (i.e., on the server)
    or
    on their own machine via automatically mounted drives.

    But with experience, the less they see, the better it is. Otherwise I get calls like "Why do I get an error message when I want to save there". And it prevents them from roaming around because with a right-click they could open a file that we’re not supposed to have access to.
    0