+ Post New Thread
Results 1 to 10 of 10
Windows Thread, Stop students browsing the network from word hyperlinks in Technical; I KNOW this has been talked about a bit before but I cant find any suitable threads from searching (no ...
  1. #1

    Join Date
    Jul 2006
    Location
    London
    Posts
    2,962
    Thank Post
    159
    Thanked 152 Times in 116 Posts
    Rep Power
    48

    Stop students browsing the network from word hyperlinks

    I KNOW this has been talked about a bit before but I cant find any suitable threads from searching (no doubt someone will find me a link straight away )

    Basically, if a student types a server name eg \\server1 into word and lets that become a hyperlink, they can click it and see all visible shares on that server, despite the fact if they type the same thing into explorer it will not let them see anything

    Its not a huge problem, because all our important shares are both hidden and well secured with NTFS permissions, but I would still prefer it not to be possible, because there are a few shares they can see, and of course once they are in explorer they can see the entire network and be able to see pc and printer names

    Any way to stop it?

  2. #2

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    8,941
    Thank Post
    232
    Thanked 1,510 Times in 1,206 Posts
    Rep Power
    328

    Re: Stop students browsing the network from word hyperlinks

    There are three policies which should do the trick:

    User Config > Admin Templates > Desktop

    Enable - Hide My Network Places icon on desktop

    User Config > Admin Templates > Windows Components > Windows Explorer

    Enable - No "Computers Near Me" in My Network Places
    Enable - No "Entire Network" in my Network Places

    Hope this helps

  3. #3
    KarlGoddard's Avatar
    Join Date
    Jul 2005
    Location
    Bolton, Lancashire
    Posts
    271
    Thank Post
    37
    Thanked 18 Times in 18 Posts
    Rep Power
    24

    Re: Stop students browsing the network from word hyperlinks

    That didn't work for me.

    Using my test pupil account I could still navigate to server shares using the technique in the OP's post.

  4. #4

    Geoff's Avatar
    Join Date
    Jun 2005
    Location
    Fylde, Lancs, UK.
    Posts
    11,800
    Thank Post
    110
    Thanked 582 Times in 503 Posts
    Blog Entries
    1
    Rep Power
    223

    Re: Stop students browsing the network from word hyperlinks

    I think if you get the Office ADM templates from the resource kit, there are settings to disable the hyperlinking.

  5. #5
    KarlGoddard's Avatar
    Join Date
    Jul 2005
    Location
    Bolton, Lancashire
    Posts
    271
    Thank Post
    37
    Thanked 18 Times in 18 Posts
    Rep Power
    24

    Re: Stop students browsing the network from word hyperlinks

    Quote Originally Posted by Geoff
    I think if you get the Office ADM templates from the resource kit, there are settings to disable the hyperlinking.
    I wasn't aware of this problem until Sidewinder posted it. I assumed existing Explorer policies would've kicked in... but alas no.

    Since his post I've spent some time looking for a solution and disabling hyperlinks in Office was my first idea but, in our school at least, several depts - MFL in particular - have loads of Office resources which have links to websites in them. If I disable them en masse it'd cause more 'operational' problems for us.

    I've looked at trying to disable only UNC path links with no success.

    I don't want to start messing around with sec settings (List Folder Contents / Traverse etc) on my Netlogon etc folder either as I don't really have the facility to test any changes during term time.

    I even thought about down and dirty stuff like setting the contents of these folders to hidden and then applying a policy to remover the folder options from Tool menu in Explorer. Yes I was getting THAT desperate.

    At the end of the day our approach is that it isn't a major security threat. The kids can't write / modify / delete anything in the folders. They can however view all our scripts - which were not overjoyed about.

    We are closely monitoring / auditing files in the Netlogon folder just to see who potentially has been accessing it (none so far) and then using the AUP to handle any wrong-doers.

    Good thread though, as I was totally unaware of this 'get around'

  6. #6

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    8,941
    Thank Post
    232
    Thanked 1,510 Times in 1,206 Posts
    Rep Power
    328

    Re: Stop students browsing the network from word hyperlinks

    I've managed to re-create what you guys are talking about, however try this. I'm using Office 2003 in this example and these settings might be adjustable using OrkTools (Office Resource Kit).

    Tools > AutoCorrect Options

    Click the "AutoCorrect" tab, type the \\servername and then whatever you want to replace that with.

    Click the "AutoFormat As You Type" tab and untick - Internet and network paths with hyperlinks

    Click the "AutoFormat" tab and untick - Internet and network paths with hyperlinks

    If these option(s) are not available to adjust as policies, you could do everything specified above, make the profile mandatory for all pupils, then using the OrkTools (which I am 99.9% possible) is disable access to Tools > Options altogether so they cannot undo those changes.

    Hope this helps!

  7. #7

    Join Date
    Aug 2005
    Location
    London
    Posts
    3,144
    Thank Post
    113
    Thanked 518 Times in 447 Posts
    Blog Entries
    2
    Rep Power
    121

    Re: Stop students browsing the network from word hyperlinks

    What about this?

    type "Click here"

    Highlight it

    Right click - choose Hyperlink

    Type in the address

    Email this to all my friends

    I think you have to accept that there are some things which students will do that may look bad but actually don't matter. As long as you have security set properly and you don't but critical files in exposed areas then the world won't end. The alternative is to drive yourself mad worrying about all the "bad" things pupils can do :-)

  8. #8

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    8,941
    Thank Post
    232
    Thanked 1,510 Times in 1,206 Posts
    Rep Power
    328

    Re: Stop students browsing the network from word hyperlinks

    E-mail links aren't the problem. If you try enter text "click here", right click, insert hyperlink and type \\servername it doesn't work (after performing what I wrote in my last post).

  9. #9

    SYNACK's Avatar
    Join Date
    Oct 2007
    Posts
    10,686
    Thank Post
    824
    Thanked 2,570 Times in 2,187 Posts
    Blog Entries
    9
    Rep Power
    731

    Stop students browsing the network from word - Solution

    There is a solution but it can take a little time depending on your setup.

    Under the NTFS file permissions for each of the shares ie the documents shares simply go to the shared folder itself in Explorer and opens its properties. There is an advanced button under the security tab that will allow you to Add... a permission set to your student user group. Now you can click the clear all button then check the Deny box for List Folder/Read Data and make sure that this is not inherited by subfolders ie apply to: this object only.

    Now even if they use this method in word they will only see a message saying that they are not allowed or a blank folder depending on your client OS settings. This will not effect mapping ie when the login script maps the students home directory because the script knows the name of the folder and does not require the list of other folders in the share.

    You can hide things at the server name level adding a $ sign to the end of each share and printer name which will cause them not display when the server is browsed directly ie \\server.

  10. #10
    projector1's Avatar
    Join Date
    Nov 2005
    Posts
    452
    Thank Post
    67
    Thanked 1 Time in 1 Post
    Rep Power
    18

    Re: Stop students browsing the network from word hyperlinks

    yet another annoying little trick for them to show off to their friends!
    interestin thread, i know they could launch the webtools and then ue that to access the c systm drive!
    But as this site as told me over the year, as long as the ACL's are correct then they will not be able to do anything (yet!)
    it's friday, 8.50 pm and still work is being discussed,
    quick..need to power down this machine!

SHARE:
+ Post New Thread

Similar Threads

  1. Word 2003 Hyperlinks restricted
    By mrbios in forum Windows
    Replies: 8
    Last Post: 18th June 2010, 09:01 AM
  2. Replies: 14
    Last Post: 11th March 2008, 01:54 PM
  3. Stop Cubase registration screen for Students.
    By maniac in forum Educational Software
    Replies: 1
    Last Post: 11th September 2007, 12:58 PM
  4. One XP notebook with slow network browsing
    By pburchell in forum Windows
    Replies: 1
    Last Post: 28th March 2007, 08:56 AM
  5. Stop students stealing mice
    By adamyoung in forum How do you do....it?
    Replies: 70
    Last Post: 21st February 2006, 08:49 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •