Folder Redirect question

Running Win2k3 - winxp clients

I currently have my clients Start Menu folder redirected through GPO to \\server\classrooms\roomnumber\folderredirects\start menu  (don't ask why, its a long story).

The problem is the users can double-click on "Programs" in the Start Menu to get to the above share and then back out until they can see all the directories I don't want them to see on the way.  How can I keep them from being able to see anything other than the redirected start menu?
baal32Asked:
Who is Participating?
 
MatthewWilliamsConnect With a Mentor Commented:
Why not share the folderredirects as fold_rm123$ and redirect their startmenu to \\server\fold_rm123$ That way they don't have anything to back out to and all the shares are hidden.
0
 
baal32Author Commented:
BTW - is this the correct area for this question?  I considered winxp in the OS section but that seemed more local policy oriented...
0
 
PsiCopCommented:
You can't, as far as I know. Windoze file "security" isn't granular or flexible enough to block users from seeing things that they don't have access to. You'd need NetWare for that.
0
Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

 
jose_ramirezCommented:
baal32,
with GPO, also... you can hide everything and even local resources. Let me search for the exact entry. I think it`s explorer option...
0
 
PsiCopCommented:
Fine, it modifies Explorer. How about the DOS command-line window? What if someone doesn't use Explorer to browse the environment?
0
 
ngravattCommented:
all you have to do is remove the permissions on the parent folders that you do not want clients to access.   Go to the server that contains the share folder.  RIght click on the folder, go to security tab.  Remove 'Everybody' and any other name that may give access to your clients.
0
 
scholarlvCommented:
\server\classrooms\roomnumber\folderredirects remove read permissions from this folder.  Another way would do what MatthewWilliams said.  Share out your start menu folder and redirect to there.  Now they can't back out at all.
0
 
jose_ramirezCommented:
>>>How can I keep them from being able to SEE anything other than the redirected start menu?

if it is explicit to see, you can only hide by using GPO, to hide any folder, local HD, or anything on the net. If you don´t even want them to access through command line, you can block the access to cmd.exe or command line. That´s not a problem. It depends exactly on your needs. But with GPO you can restrict them as much as you need, this is not a tool vs hackers.
Jose
0
 
PsiCopCommented:
*shrug* Whatever
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.