DISABLE ONEDRIVE COMPLETELY
ok 1st lets completely disable via registry and whatever else. i don’t use it and don’t want it at all to be accessible
Understood — you want to completely disable SMB and file sharing at the system level, not just stop services temporarily. Here’s a thorough approach that covers registry, services, and network stack so SMB is no longer accessible:
🔧 Disable SMB Server (LanmanServer)
- Stop and disable the service:
powershell
Stop-Service LanmanServer -Force
Set-Service LanmanServer -StartupType Disabled
- Registry hard disable:
powershell
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanServer' -Name 'Start' -Value 4
🔧 Disable SMB Client (LanmanWorkstation)
- Stop and disable the service:
powershell
Stop-Service LanmanWorkstation -Force
Set-Service LanmanWorkstation -StartupType Disabled
- Registry hard disable:
powershell
Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\LanmanWorkstation' -Name 'Start' -Value 4
🔧 Disable SMB Protocol Versions
Windows allows you to disable SMBv1, SMBv2, SMBv3 individually:
- Disable SMBv1:
powershell
Set-SmbServerConfiguration -EnableSMB1Protocol $false -Force
Disable-WindowsOptionalFeature -Online -FeatureName SMB1Protocol -NoRestart
- Disable SMBv2/3:
powershell
Set-SmbServerConfiguration -EnableSMB2Protocol $false -Force
🔧 Firewall Rules
Block inbound/outbound SMB ports:
- TCP 445 (SMB over TCP)
- TCP/UDP 139 (NetBIOS Session)
- UDP 137–138 (NetBIOS Name/Datagram)
powershell
# Inbound: match the local listening ports.
New-NetFirewallRule -DisplayName "Block SMB Inbound" -Direction Inbound -Protocol TCP -LocalPort 445,139 -Action Block
# Outbound: match the remote (destination) ports; -LocalPort would not match client connections to SMB servers.
New-NetFirewallRule -DisplayName "Block SMB Outbound" -Direction Outbound -Protocol TCP -RemotePort 445,139 -Action Block
New-NetFirewallRule -DisplayName "Block NetBIOS UDP" -Direction Inbound -Protocol UDP -LocalPort 137,138 -Action Block
🔧 Disable NetBIOS over TCP/IP
- Go to Network Adapter Properties → IPv4 → Advanced → WINS tab → Disable NetBIOS over TCP/IP.
- Or via registry (per adapter):
  - Key: HKLM\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces\Tcpip_{GUID}
  - Value: NetbiosOptions = 2 (disable)
🔧 Verify
After reboot:
- Get-SmbShare should fail with “Server service is not started.”
- Get-Service LanmanServer,LanmanWorkstation should show Disabled.
- netstat -ano | findstr 445 should return nothing.
⚠️ Note: Disabling SMB completely means you won’t be able to access network shares, printers, or certain Windows features (like remote admin tools). If you’re sure you don’t use any of these, this is safe.
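The verification steps above, collected into one read-only PowerShell audit. This is an added example, not part of the original reply; the function name Test-SmbLockdown is made up here, and the firewall rule names are the ones created in the Firewall Rules step.

```powershell
# Added example: read-only audit of the SMB/NetBIOS lockdown. Run elevated, after the reboot.
function Test-SmbLockdown {
    $results = [System.Collections.Generic.List[object]]::new()
    $add = {
        param($check, $pass, $detail)
        $results.Add([pscustomobject]@{ Check = $check; Pass = [bool]$pass; Detail = "$detail" })
    }

    # 1. Both services must be stopped AND carry Start = 4 (disabled) in the registry.
    foreach ($name in 'LanmanServer', 'LanmanWorkstation') {
        $key   = "HKLM:\SYSTEM\CurrentControlSet\Services\$name"
        $start = (Get-ItemProperty -Path $key -Name Start -ErrorAction SilentlyContinue).Start
        $svc   = Get-Service -Name $name -ErrorAction SilentlyContinue
        $ok    = ($start -eq 4) -and ($svc.Status -eq 'Stopped')
        & $add "Service $name" $ok "Start=$start Status=$($svc.Status)"
    }

    # 2. Nothing may be listening on the SMB / NetBIOS session ports.
    $listeners = @(Get-NetTCPConnection -State Listen -LocalPort 445, 139 -ErrorAction SilentlyContinue)
    $where     = ($listeners | ForEach-Object { "$($_.LocalAddress):$($_.LocalPort)" }) -join ', '
    & $add 'No listener on TCP 445/139' ($listeners.Count -eq 0) $where

    # 3. Every NetBT interface (Tcpip_{GUID}) must have NetbiosOptions = 2.
    $ifRoot = 'HKLM:\SYSTEM\CurrentControlSet\Services\NetBT\Parameters\Interfaces'
    foreach ($iface in Get-ChildItem -Path $ifRoot) {
        $opt = (Get-ItemProperty -Path $iface.PSPath -Name NetbiosOptions -ErrorAction SilentlyContinue).NetbiosOptions
        & $add "NetBIOS off on $($iface.PSChildName)" ($opt -eq 2) "NetbiosOptions=$opt"
    }

    # 4. The three block rules must exist, be enabled, and have Action = Block.
    foreach ($rule in 'Block SMB Inbound', 'Block SMB Outbound', 'Block NetBIOS UDP') {
        $r  = Get-NetFirewallRule -DisplayName $rule -ErrorAction SilentlyContinue | Select-Object -First 1
        $ok = $r -and ($r.Enabled -eq 'True') -and ($r.Action -eq 'Block')
        & $add "Firewall rule '$rule'" $ok "Enabled=$($r.Enabled) Action=$($r.Action)"
    }

    $results
}

Test-SmbLockdown | Format-Table -AutoSize -Wrap
```

Any row with Pass = False shows the value that was actually found in the Detail column, so a setting that did not survive the reboot is easy to spot.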
//////////////////////////////////////////////////////////////previous is already done new UPDATED STEPS
Got it — since SMB and sharing are already disabled, the remaining piece is locking down OneDrive so it can’t sync or expose your Documents folder. Here are the main ways to fully disable OneDrive on Windows:
🔧 Disable OneDrive via Group Policy (best if available)
- Run gpedit.msc.
- Navigate to: Computer Configuration → Administrative Templates → Windows Components → OneDrive
- Enable “Prevent the usage of OneDrive for file storage.”
  - This stops OneDrive from running or syncing entirely.
🔧 Disable OneDrive via Registry
If you don’t have Group Policy (e.g., Windows Home edition):
powershell
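# Create the policy key first; New-ItemProperty fails if the key does not exist.
New-Item -Path "HKLM:\Software\Policies\Microsoft\Windows\OneDrive" -Force | Out-Null
New-ItemProperty -Path "HKLM:\Software\Policies\Microsoft\Windows\OneDrive" -Name "DisableFileSync" -PropertyType DWord -Value 1 -Force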
- Reboot afterwards.
- This registry key enforces the same policy as above.
🔧 Uninstall OneDrive (optional, but permanent)
Run in elevated PowerShell:
powershell
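taskkill /f /im OneDrive.exe
# %SystemRoot% is cmd.exe syntax; PowerShell needs $env:SystemRoot and the call operator (&).
# Run whichever installer is present on this system.
foreach ($setup in "$env:SystemRoot\System32\OneDriveSetup.exe", "$env:SystemRoot\SysWOW64\OneDriveSetup.exe") {
    if (Test-Path $setup) { & $setup /uninstall }
}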
- This removes the OneDrive client.
- Your local files remain, but syncing is gone.
🔧 Lock Down OneDrive Folder ACLs
If you want to keep OneDrive installed but block access:
powershell
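$oneDrivePath = "$env:USERPROFILE\OneDrive"
if (Test-Path $oneDrivePath) {
    # Take ownership, then convert inherited ACEs to explicit ones.
    takeown /F $oneDrivePath /R /D Y
    icacls $oneDrivePath /inheritance:d /T
    # Remove the broad groups, then grant full control to the three intended principals.
    icacls $oneDrivePath /remove:g Everyone /T
    icacls $oneDrivePath /remove:g "Authenticated Users" /T
    icacls $oneDrivePath /grant "Administrators:(F)" /T
    icacls $oneDrivePath /grant "SYSTEM:(F)" /T
    # Braces keep the ':' after the variable name from being parsed as part of it.
    icacls $oneDrivePath /grant "${env:USERNAME}:(F)" /T
}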
This ensures only you, SYSTEM, and Administrators have access.
✅ Summary
- Group Policy / Registry → clean disable of OneDrive sync.
- Uninstall → removes the client completely.
- ACL lockdown → restricts access to the OneDrive folder itself.
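A read-only check that the policy value and the folder ACL ended up as described above. This is an added example, not part of the original reply; the function name Test-OneDriveLockdown is made up here, the principal names assume an English-language Windows install, and only the top-level folder's ACL is inspected.

```powershell
# Added example: verify the OneDrive policy value and the folder ACL without changing anything.
function Test-OneDriveLockdown {
    param([string]$Path = "$env:USERPROFILE\OneDrive")

    # Policy value written by the registry step (1 = file sync disabled).
    $policyKey = 'HKLM:\Software\Policies\Microsoft\Windows\OneDrive'
    $policy    = (Get-ItemProperty -Path $policyKey -Name DisableFileSync -ErrorAction SilentlyContinue).DisableFileSync

    # The sync client should not be running once it is disabled or uninstalled.
    $running = @(Get-Process -Name OneDrive -ErrorAction SilentlyContinue).Count -gt 0

    $folderExists = Test-Path -LiteralPath $Path
    $inherits     = $null
    $unexpected   = @()
    if ($folderExists) {
        $acl      = Get-Acl -LiteralPath $Path
        # /inheritance:d should leave the ACL protected (no longer inheriting from the parent).
        $inherits = -not $acl.AreAccessRulesProtected

        # Principals the ACL step grants access to; any other Allow entry is reported.
        # Assumption: the script runs as the same user who owns the profile.
        $me      = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
        $allowed = 'BUILTIN\Administrators', 'NT AUTHORITY\SYSTEM', $me
        $unexpected = @(
            $acl.Access |
                Where-Object { $_.AccessControlType -eq 'Allow' -and $allowed -notcontains $_.IdentityReference.Value } |
                ForEach-Object { "$($_.IdentityReference) : $($_.FileSystemRights)" }
        )
    }

    [pscustomobject]@{
        PolicyDisableFileSync = $policy        # expected: 1
        OneDriveRunning       = $running       # expected: False
        FolderExists          = $folderExists
        StillInheriting       = $inherits      # expected: False when the folder exists
        UnexpectedAllowEntries = $unexpected   # expected: empty
    }
}

Test-OneDriveLockdown | Format-List
```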
////////////////////////////////////BLOCK ONE DRIVE REINSTALLATION
🛡️ Block Reinstallation
Since you already enabled the Group Policy Prevent the usage of OneDrive for file storage, that will stop OneDrive from coming back. For extra assurance, set the registry key:
powershell
New-ItemProperty -Path “HKLM:\Software\Policies\Microsoft\Windows\OneDrive” -Name ”
