Using Group Policy to Disable Show Hidden Files

August 19, 2019 Chris Hartwig

There are thousands of hidden files on your workstation that were installed with your applications and operating system that you probably are not aware exist. Deleting these hidden files could be catastrophic, so keeping these files safe and hidden is important. If you discover certain hidden files and attempt to delete or alter them, there could be a number of unforeseen consequences for the operating system and applications, including data loss and completely crashing the system.

New Call-to-action

To safeguard against such a system crash, be certain hidden files are in fact hidden. In a domain environment it is best to use group policy to disable showing hidden files to quickly ensure all workstations comply with this policy. 

How to Configure Group Policy to Disable Show Hidden Files

  1.  Open Group Policy Management from Administrative Tools under the Start Menu
    wpd_cs_install_1-2
  2. Right-click the domain or organizational unit where you would like to apply the OU.
  3. Select Create a GPO in this domain, and Link it here…wpd_cs_install_2.png
  4. Name the New GPO and click OKwpd_cs_install_3.png
  5. Right-click the new GPO and choose Editwpd_cs_install_4.png
  6.  Using the Group Policy Management Editor click to expand User Configuration >Preferences > Control Panel Settings > Folder Options
    wpd_cs_install_5.png
  7. Right-click Folder Options and select New > Folder Options (Windows Vista and later)wpd_cs_install_6.png
  8. Click the radio button Do not show hidden files and folders and click OKwpd_cs_install_7.png
  9. Close the Group Policy Editor and test

Testing your new GPO 

To test this GPO, you will need to bypass it by setting the folder options on the workstation.

  1. From a workstation open the Control Panel and select Folder Options
  2. In Folder Options Click the View Tab, Click the radio button to Show hidden files, folders and drives and click Applywpd_cs_install_9.png
  3. Create a new text document on the desktop
  4. Right-click that new document, select properties and check the box to mark the document hidden
  5. Click Apply
  6. Hold the Window + r keys and type cmd.exe in the run dialog box.
  7. In the command line window that opens type gpupdate /force

After this commands runs the workstation will apply the Group Policy settings from the domain controller. Once this happens the file you created on the desktop should disappear. wpd_cs_install_11.png

Although a user can manually show hidden files it is rare that one will have any desire or reason to do so. If a user does manually circumvent the GPO it will reapply each time the user logs in or reboots the workstation. You can also manually force the update by running gpupdate /force from the command line. 

Creating the new GPO should keep all of your hidden files safe from users who might try to delete them preventing data loss and crashed applications or workstations.

New call-to-action

Additional Tips You May Enjoy Reading

A Free Tool For Testing Anti-Ransomware Defenses 

Lessor Known File Extension Tricks Used By Hackers 

Enumerate File Shares With Powershell 

Recover Windows Activation Key 

Password Expiry Email Notification 

Brute Force Attack Detection and Blacklisting with Powershell 

Account Lockout Detection and Notification 

Employee Emergency Notifications 

Using NMAP to Find and Close Open Server Ports

Share this:

Previous Post RDP Brute Force Attack Detection and Blacklisting with Powershell Next Post CryptoStopper FAQ
Entrepreneur Link

Share
    

Subscribe to Email Updates

Recent Posts

Posts by Topic

see all