Solved

File Sharing -- How do I restrict a user from viewing sub-folders of a shared folder????

Posted on 2004-04-13
8
745 Views
Last Modified: 2010-04-19
Good Morning,

Before I begin, let me inform you that we are moving from a Novell 5 file and print sharing box to a 2003 Standard file and print sharing box.  From what have read in other articles and on-line, my question may not be solvable in a practicle manner.  And I've read that I need to change my thinking when it comes to Novell vs. Windows file and folder sharing methods.

Let's begin:

I have established a shared folder \\fileserver\root\.  Everyone has view rights to this shared folder.  I can access and map the Y:\ drive to this folder from my PC.  I have setup a test file structure and a bunch of files throughout this directory.  I can view all files and folders from my PC.

My problem is this, let's say this is the following directory structure:

\\fileserver\root\  =  Y:\

1.  Y:\DRIVERS\
2.  Y:\LEXMARK\
3.  Y:\XEROX\

Okay, how do I make it so a user only sees number 1 and 2?  What rights or whatever do I need to change so that the user will not view Y:\XEROX\?  Even if I remove all usernames from the Security tab, the users can still see the folder, they just cannot browse it.  In Novell, if you don't explicitly give rights to a user to view a folder, they don't...

I can't imagine that Microsoft security is such that you can see a folder, but you just can't see the contents.

I hope this explanation is sufficient, I'll be glad to supply more information is needed.

Thanks,

Adam
0
Comment
Question by:adammichael
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 67

Assisted Solution

by:sirbounty
sirbounty earned 130 total points
ID: 10816266
I think the closest you can obtain, if I follow you correctly - to 'hide' these folders - is to share them out with a $ symbol...

All shares with a trailing $ are hidden...

So, if you have \\fileserver\root\xerox being shared as \\fileserver\xerox$
Users would have to either have a mapping there in a login script or 'know' how to get to it to find it...
0
 

Author Comment

by:adammichael
ID: 10816302
Hmmm...

Let's say I have an Accounting department folder.  There are ten users and each one has certain folders that can get to and some folders that they cannot get to.  User 1 can get to 3 of the available 15 folders, user 2 can get to 10 of the folders, etc...

I'm making this up by the way...

Anyhow, does it boil down to, I'm going to have to share every folder using a $ and then map each user to their respective folders?

Hope i didn't confuse you.

Adam
0
 
LVL 16

Accepted Solution

by:
JamesDS earned 145 total points
ID: 10816558
adammichael

Yup, you're right.

Novell hides folders that users do not have access to
Windows doesn't

The only solution is the one you mention - share individual folders or suffer with the fact that users get to see everything and get an access denied message for the folders they shouldn't have access to.

However on Windows 2003 cluster fileserver it is possible to use the dymanic sharing feature:
If you want to use a cluster to create a high availability file server that will have hundreds of file shares, consider managing those file shares using a single File Share resource. You can do this if the folders that you want to share on the network are all subfolders of a common folder. For example, if you use your file server to support hundreds of users, and each user has a private folder that is a subfolder of the Users folder, you can manage individual file shares for each user using a single File Share resource. You also have the option to hide the file shares that you create for each user so that they will not be visible when browsing. For information on sharing the subfolders of a folder and hiding the files shares you create, see "To share subfolders on a File Share resource" on technet

Cheers

JamesDS
0
Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

 

Author Comment

by:adammichael
ID: 10817040
I've only got a single 2003 server.

Is my question strange?  I mean, I can't believe Microsoft would allow all folders to show...just doesn't make sense...  :(

Anyhow, what do most admin's do in this case?  Setup a truckload of shares, or deal with access denied messages?

Thanks.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10818933
We group them by user dept.
Finance would have several related shares, marketing, etc...
If there were any that a select few in one department should not get to then yes - we either set up a seperate share or deal with the access denied message...
Bill knows best, eh? ;)

0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10820535
adammichael

Thanks for the points.

In closing, your question is very common - I do a number of Novell migrations to AD every year and this comes up every single time. I usually go for a combination of grouping by department, lots of shares and File Share resources where I can work in a cluster.

It's a bitch but we love it!

Cheers

JamesDS
0
 

Expert Comment

by:wbradley
ID: 10993838
I'm in the same boat, and, it's incredible that this goes on, year after year.  Alright, if we can't disappear the folders, could we change the icon or color of those that the user cannot access?
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10993867
wbradley
You can't post new questions here, you need to post a new question on EE

Cheers

JamesDS
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Many of us need to configure DHCP server(s) in their environment. We can do that simply via DHCP console on server or using MMC snap-in on each computer with Administrative Tools installed in a network. But what if we have to configure many DHCP ser…
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
In an interesting question (https://www.experts-exchange.com/questions/29008360/) here at Experts Exchange, a member asked how to split a single image into multiple images. The primary usage for this is to place many photographs on a flatbed scanner…
I've attached the XLSM Excel spreadsheet I used in the video and also text files containing the macros used below. https://filedb.experts-exchange.com/incoming/2017/03_w12/1151775/Permutations.txt https://filedb.experts-exchange.com/incoming/201…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question