Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 750
  • Last Modified:

File Sharing -- How do I restrict a user from viewing sub-folders of a shared folder????

Good Morning,

Before I begin, let me inform you that we are moving from a Novell 5 file and print sharing box to a 2003 Standard file and print sharing box.  From what have read in other articles and on-line, my question may not be solvable in a practicle manner.  And I've read that I need to change my thinking when it comes to Novell vs. Windows file and folder sharing methods.

Let's begin:

I have established a shared folder \\fileserver\root\.  Everyone has view rights to this shared folder.  I can access and map the Y:\ drive to this folder from my PC.  I have setup a test file structure and a bunch of files throughout this directory.  I can view all files and folders from my PC.

My problem is this, let's say this is the following directory structure:

\\fileserver\root\  =  Y:\

1.  Y:\DRIVERS\
2.  Y:\LEXMARK\
3.  Y:\XEROX\

Okay, how do I make it so a user only sees number 1 and 2?  What rights or whatever do I need to change so that the user will not view Y:\XEROX\?  Even if I remove all usernames from the Security tab, the users can still see the folder, they just cannot browse it.  In Novell, if you don't explicitly give rights to a user to view a folder, they don't...

I can't imagine that Microsoft security is such that you can see a folder, but you just can't see the contents.

I hope this explanation is sufficient, I'll be glad to supply more information is needed.

Thanks,

Adam
0
adammichael
Asked:
adammichael
  • 3
  • 2
  • 2
  • +1
2 Solutions
 
sirbountyCommented:
I think the closest you can obtain, if I follow you correctly - to 'hide' these folders - is to share them out with a $ symbol...

All shares with a trailing $ are hidden...

So, if you have \\fileserver\root\xerox being shared as \\fileserver\xerox$
Users would have to either have a mapping there in a login script or 'know' how to get to it to find it...
0
 
adammichaelAuthor Commented:
Hmmm...

Let's say I have an Accounting department folder.  There are ten users and each one has certain folders that can get to and some folders that they cannot get to.  User 1 can get to 3 of the available 15 folders, user 2 can get to 10 of the folders, etc...

I'm making this up by the way...

Anyhow, does it boil down to, I'm going to have to share every folder using a $ and then map each user to their respective folders?

Hope i didn't confuse you.

Adam
0
 
JamesDSCommented:
adammichael

Yup, you're right.

Novell hides folders that users do not have access to
Windows doesn't

The only solution is the one you mention - share individual folders or suffer with the fact that users get to see everything and get an access denied message for the folders they shouldn't have access to.

However on Windows 2003 cluster fileserver it is possible to use the dymanic sharing feature:
If you want to use a cluster to create a high availability file server that will have hundreds of file shares, consider managing those file shares using a single File Share resource. You can do this if the folders that you want to share on the network are all subfolders of a common folder. For example, if you use your file server to support hundreds of users, and each user has a private folder that is a subfolder of the Users folder, you can manage individual file shares for each user using a single File Share resource. You also have the option to hide the file shares that you create for each user so that they will not be visible when browsing. For information on sharing the subfolders of a folder and hiding the files shares you create, see "To share subfolders on a File Share resource" on technet

Cheers

JamesDS
0
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

 
adammichaelAuthor Commented:
I've only got a single 2003 server.

Is my question strange?  I mean, I can't believe Microsoft would allow all folders to show...just doesn't make sense...  :(

Anyhow, what do most admin's do in this case?  Setup a truckload of shares, or deal with access denied messages?

Thanks.
0
 
sirbountyCommented:
We group them by user dept.
Finance would have several related shares, marketing, etc...
If there were any that a select few in one department should not get to then yes - we either set up a seperate share or deal with the access denied message...
Bill knows best, eh? ;)

0
 
JamesDSCommented:
adammichael

Thanks for the points.

In closing, your question is very common - I do a number of Novell migrations to AD every year and this comes up every single time. I usually go for a combination of grouping by department, lots of shares and File Share resources where I can work in a cluster.

It's a bitch but we love it!

Cheers

JamesDS
0
 
wbradleyCommented:
I'm in the same boat, and, it's incredible that this goes on, year after year.  Alright, if we can't disappear the folders, could we change the icon or color of those that the user cannot access?
0
 
JamesDSCommented:
wbradley
You can't post new questions here, you need to post a new question on EE

Cheers

JamesDS
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now