Clients vieweing DFS


I have a single root in dfs (as i do not have enterprise licenses and can not have more than one) - called ROOT1

in that root i have 3 targets.  2 of which i dont want the users to see as they are software distribution points.

obviously the users can access the targets my typing \\mydomain\root1 in the "Run" box

is there a way that i can prevent them from seeing the 2 targets that i dont want them to see? or is there a way i can get them to connect directly without them going the the root?

please help


Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Hi naifyboy123,

you can lock down the folder using NTFS permissions which will restrict or allow whoever you choose - do this under the folder properties - security TAB

This is also a good read - i dont have DFS structure i can test on but give it a go

naifyboy123Author Commented:
hi again jay_jay i already have them configured with permissions - i just want to remove them from the view

heya again :)

have read through that article, it shows a way of actually hiding them from view  -  you can simply make them "hidden" folders but as soon as the user sets his folder views to "show hidden files and folders" he will see them again

that article shows a solution for that

The 7 Worst Nightmares of a Sysadmin

Fear not! To defend your business’ IT systems we’re going to shine a light on the seven most sinister terrors that haunt sysadmins. That way you can be sure there’s nothing in your stack waiting to go bump in the night.

naifyboy123Author Commented:
hi mate - thing is all users have read access so this fix wont work beacuse they have some access rights to them
hmmm but if you want them hidden you obviously dont want them accessed   why not remove the read attribute??

did you look at the joeware tool down the bottom - think it hits exactly what you are looking for
i just read that article again - the read access is a neccesity not a problem   thats how the flags work - based on that attribute

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
"or is there a way i can get them to connect directly without them going the the root?"

instead of



naifyboy123Author Commented:
i was looking for a more direct root that did not involve them typing "root1" in any path
hmmm..  No, the only other ways I would know is:

1) Create a new root for the targetusers content

2) publish the DFS share in Active Directory.  Configure the rights so that the appropriate users can read the published share.  Then tell you users to use AD SEARCH to find the published share.
naifyboy123Author Commented:
thanks guys
cheers :)
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2003

From novice to tech pro — start learning today.