I've been taught that by appending a dollar sign to a share name, Windows would make it invisible to clients. And indeed, on Windows you can't see shares ending in a dollar sign; you have to type the name manually.
Browsing a list of shared folders on my Linux desktop though, I can see all shares just fine – hidden or not hidden. All shares like C$ and ADMIN$ are there together with the visible ones.
I thought Windows' SMB server simply didn't give out those names to anyone by design, how come Linux can view them?
To view the list of shares I did log in, might that have anything to do with it? Some special usergroup that enables you to view all shares?
Best Answer
As already stated in the comments, the dollar sign trailing the share name is just interpreted by the client so the share is removed from views. Ultimately, the share will be part of the result set of the
NetShareEnumAPI call. You also can use thenet view \\computername /allcommand to list all shares (including hidden ones) on from Windows Vista / Server 2008.The kind of privileges needed might depend on the server's version and configuration. Windows Server 2003 and earlier allowed share enumeration using NULL session (so no authentication needed to be provided at all) by default. Windows Server 2008 changes this, "everybody" can enumerate all shares - which would require authentication using any valid user (including the Guest user, if enabled).