Solved

File Sharing -- How do I restrict a user from viewing sub-folders of a shared folder????

Posted on 2004-04-13
8
744 Views
Last Modified: 2010-04-19
Good Morning,

Before I begin, let me inform you that we are moving from a Novell 5 file and print sharing box to a 2003 Standard file and print sharing box.  From what have read in other articles and on-line, my question may not be solvable in a practicle manner.  And I've read that I need to change my thinking when it comes to Novell vs. Windows file and folder sharing methods.

Let's begin:

I have established a shared folder \\fileserver\root\.  Everyone has view rights to this shared folder.  I can access and map the Y:\ drive to this folder from my PC.  I have setup a test file structure and a bunch of files throughout this directory.  I can view all files and folders from my PC.

My problem is this, let's say this is the following directory structure:

\\fileserver\root\  =  Y:\

1.  Y:\DRIVERS\
2.  Y:\LEXMARK\
3.  Y:\XEROX\

Okay, how do I make it so a user only sees number 1 and 2?  What rights or whatever do I need to change so that the user will not view Y:\XEROX\?  Even if I remove all usernames from the Security tab, the users can still see the folder, they just cannot browse it.  In Novell, if you don't explicitly give rights to a user to view a folder, they don't...

I can't imagine that Microsoft security is such that you can see a folder, but you just can't see the contents.

I hope this explanation is sufficient, I'll be glad to supply more information is needed.

Thanks,

Adam
0
Comment
Question by:adammichael
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 67

Assisted Solution

by:sirbounty
sirbounty earned 130 total points
ID: 10816266
I think the closest you can obtain, if I follow you correctly - to 'hide' these folders - is to share them out with a $ symbol...

All shares with a trailing $ are hidden...

So, if you have \\fileserver\root\xerox being shared as \\fileserver\xerox$
Users would have to either have a mapping there in a login script or 'know' how to get to it to find it...
0
 

Author Comment

by:adammichael
ID: 10816302
Hmmm...

Let's say I have an Accounting department folder.  There are ten users and each one has certain folders that can get to and some folders that they cannot get to.  User 1 can get to 3 of the available 15 folders, user 2 can get to 10 of the folders, etc...

I'm making this up by the way...

Anyhow, does it boil down to, I'm going to have to share every folder using a $ and then map each user to their respective folders?

Hope i didn't confuse you.

Adam
0
 
LVL 16

Accepted Solution

by:
JamesDS earned 145 total points
ID: 10816558
adammichael

Yup, you're right.

Novell hides folders that users do not have access to
Windows doesn't

The only solution is the one you mention - share individual folders or suffer with the fact that users get to see everything and get an access denied message for the folders they shouldn't have access to.

However on Windows 2003 cluster fileserver it is possible to use the dymanic sharing feature:
If you want to use a cluster to create a high availability file server that will have hundreds of file shares, consider managing those file shares using a single File Share resource. You can do this if the folders that you want to share on the network are all subfolders of a common folder. For example, if you use your file server to support hundreds of users, and each user has a private folder that is a subfolder of the Users folder, you can manage individual file shares for each user using a single File Share resource. You also have the option to hide the file shares that you create for each user so that they will not be visible when browsing. For information on sharing the subfolders of a folder and hiding the files shares you create, see "To share subfolders on a File Share resource" on technet

Cheers

JamesDS
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Author Comment

by:adammichael
ID: 10817040
I've only got a single 2003 server.

Is my question strange?  I mean, I can't believe Microsoft would allow all folders to show...just doesn't make sense...  :(

Anyhow, what do most admin's do in this case?  Setup a truckload of shares, or deal with access denied messages?

Thanks.
0
 
LVL 67

Expert Comment

by:sirbounty
ID: 10818933
We group them by user dept.
Finance would have several related shares, marketing, etc...
If there were any that a select few in one department should not get to then yes - we either set up a seperate share or deal with the access denied message...
Bill knows best, eh? ;)

0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10820535
adammichael

Thanks for the points.

In closing, your question is very common - I do a number of Novell migrations to AD every year and this comes up every single time. I usually go for a combination of grouping by department, lots of shares and File Share resources where I can work in a cluster.

It's a bitch but we love it!

Cheers

JamesDS
0
 

Expert Comment

by:wbradley
ID: 10993838
I'm in the same boat, and, it's incredible that this goes on, year after year.  Alright, if we can't disappear the folders, could we change the icon or color of those that the user cannot access?
0
 
LVL 16

Expert Comment

by:JamesDS
ID: 10993867
wbradley
You can't post new questions here, you need to post a new question on EE

Cheers

JamesDS
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This may not be a text book method to resolve VSS backup issues but it seemed to have worked on few of the Windows 2003 servers we had issues while performing a Volume Shadow Copy backup. If you have issues while performing a shadow copy backup usin…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

831 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question