I have several RemoteApp hosts, they all have MS excel installed. All hosts are covered with multiple lockdown technologies including Applocker, Group Policy and IPSec. All drives are restricted via GPO along with modified permissions.
Scenario.
A non-administrative user starts Excel on a RemoteApp host. They open the "file open" window and infile name type \\127.0.0.1\c$. They are presented with the c:\ drive of the system. The same is true of c$ d$ admin$ etc...
The same user typing \\127.0.0.1\c$ in the address\location bar of open file window is told that this has been restricted by their system administrator.
The same user attempting to acess the admin shares from another machine is prompted for credentials.
Why does the loopback adapter appear to ignore the admin share permissions?