Solved

Shared file/folder permission

Posted on 2007-11-20
8
396 Views
Last Modified: 2012-08-14
I have got shared folder on my server, and different permission for different group if users.
But i want to hide some of the folder for some of the users, at the moment that group of users are
in special permission, they can still see the folders that i don't want.....how do i hide the folder or
disable the access for them.

The special permission is setup on the parent folder...!!

Server: Win 2k3
Client: Win XP

Regards
0
Comment
Question by:joy333
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 26

Accepted Solution

by:
MidnightOne earned 30 total points
ID: 20323965
The way to hide a shared folder is to add a $ to the end of the share name; however, this hides it for all users.

As far as I know there's no way to selectively hide a share based on user or group memberships.
0
 
LVL 5

Expert Comment

by:drmarston
ID: 20323997
setup a shared sub folder.
Permissions are issued at the entry point, so put "hidden" files in the parent folder with read denied to the restricted group, then give restricted group whatever permissions needed in sub-folder.

Share1: grp1=full_control ; grp2 = deny read
        |_     Share2 : grp2 =full_control

Group 1 will enter at share1 and see everything in there + everything in share2
group 2 will enter at share2 and only see what is in that folder
0
 
LVL 7

Assisted Solution

by:mcse2007
mcse2007 earned 20 total points
ID: 20323998
you can get your users to view your shared folder or you get  them not to view your shared folders using the dollar sign but there is no in between.
0
Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

 

Author Comment

by:joy333
ID: 20324069
Inside the shared folder on server, there are 10-14 subfolders, i want to give all the users to access that shared folder but like to restrict to access the some of the sub folders
I don't think i can create 2 shared folder ...since i don't want to store subfolders on 2 different shared folders.
$ sign is good option but it is going to apply to all users.
0
 
LVL 26

Expert Comment

by:MidnightOne
ID: 20324079
The share being a hidden share is kind of moot if you map a drive to the share as part of the logon script.

The users that have access get a mapped drive to the hidden share; the ones who don't, well, don't. :-)

MidnightOne
0
 
LVL 30

Expert Comment

by:LauraEHunterMVP
ID: 20324111
You can also configure Access-Based Enumeration at the top-level share. By restricting permissions on sub-folders underneath the top-level share, users will only see those folders to which they have been granted permission: http://www.microsoft.com/windowsserver2003/techinfo/overview/abe.mspx
0
 

Author Comment

by:joy333
ID: 20348359
ok i just want to access denied for certain user on certail subfolder it doesn't matter even if they can see the folder, but it should prompt "Access denied" error
0
 
LVL 2

Assisted Solution

by:h11
h11 earned 20 total points
ID: 20376787
can you just not go to the security tab on the folder you do not want users accessing and remove their names or groups. click on security, advanced uncheck inherit from parent permissions when window opens up say copy. click on ok now go back and remove users from the security.  test it the users should now be able see the folder but have no access to the folder.
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question