search cancel

Mounting folders as drive using subst command doesn't appear as drive to DLP

book

Article ID: 162768

calendar_today

Updated On:

Products

Data Loss Prevention

Issue/Introduction

When mounting folders on local drive as another drive using subst command DLP does not block moving files to the mapped drive.

Cause

The cause is because DLP enumerates the drives during boot and the mapped drive was not enumerated at that time.

 

Resolution

You can create the folder using net use command or setting it in the registry so the local folder is found at boot time with other DOS Devices:

The following are net use commands you might use:

net use x: \\localhost\c$\Folder\Example

net use x: \\localhost\c$\Folder\Example /USER <username> <password>

Net use command to make drive persistent after a reboot

net use x: \\localhost\c$\Folder\Example /PERSISTENT:Yes   

Net use command to remove a drive:

         net use x: /Delete

The following steps you might use to set the drive in the registry so DLP doesn't see it added like a removable drive because it is there at boot.  In regedit go to the following path:

HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Session Manager \ DOS Devices

Add a new REG_SZ value and name it X: where X is your drive letter and the value should be the path in this format

\X\C:\Folder\Example