Do not allow drive redirectionID: oval:org.secpod.oval:def:14762 | Date: (C)2013-08-13 (M)2023-07-04 |
Class: COMPLIANCE | Family: windows |
Specifies whether to prevent the mapping of client drives in a Remote Desktop Services session (drive redirection).
By default, an RD Session Host server maps client drives automatically upon connection. Mapped drives appear in the session folder tree in Windows Explorer or Computer in the format <driveletter> on <computername>. You can use this setting to override this behavior.
If the status is set to Enabled, client drive redirection is not allowed in Remote Desktop Services sessions.
If the status is set to Disabled, client drive redirection is always allowed.
If the status is set to Not Configured, client drive redirection is not specified at the Group Policy level. However, an administrator can still disable client drive redirection by using the Remote Desktop Session Host Configuration tool.
Fix:
(1) GPO: Computer Configuration\Administrative Templates\Windows Components\Remote Desktop Services\Remote Desktop Session Host\Device and Resource Redirection\Do not allow drive redirection
(2) REG: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services!fDisableCdm
Platform: |
Microsoft Windows 7 |