As you're probably well aware, end users who consider themselves tech-savvy are often the most dangerous. These users typically have just enough computer knowledge to make them dangerous.
In fact, it's often worth an administrator's time to take some proactive steps to lock down the network from end users. For example, what if you want to deny the ability to create new shares to everyone but administrators? That way, you could control who can access a computer from its network interface as well as the information that interface shares.
You can accomplish this with a quick registry edit. Follow these steps:
Note: Editing the registry is risky, so be sure you have a verified backup before making any changes.