Shared file/folder permission

Posted on 2007-11-20
Medium Priority
Last Modified: 2012-08-14
I have got shared folder on my server, and different permission for different group if users.
But i want to hide some of the folder for some of the users, at the moment that group of users are
in special permission, they can still see the folders that i don't want.....how do i hide the folder or
disable the access for them.

The special permission is setup on the parent folder...!!

Server: Win 2k3
Client: Win XP

Question by:joy333
LVL 26

Accepted Solution

MidnightOne earned 120 total points
ID: 20323965
The way to hide a shared folder is to add a $ to the end of the share name; however, this hides it for all users.

As far as I know there's no way to selectively hide a share based on user or group memberships.

Expert Comment

ID: 20323997
setup a shared sub folder.
Permissions are issued at the entry point, so put "hidden" files in the parent folder with read denied to the restricted group, then give restricted group whatever permissions needed in sub-folder.

Share1: grp1=full_control ; grp2 = deny read
        |_     Share2 : grp2 =full_control

Group 1 will enter at share1 and see everything in there + everything in share2
group 2 will enter at share2 and only see what is in that folder

Assisted Solution

mcse2007 earned 80 total points
ID: 20323998
you can get your users to view your shared folder or you get  them not to view your shared folders using the dollar sign but there is no in between.
Easily Design & Build Your Next Website

Squarespace’s all-in-one platform gives you everything you need to express yourself creatively online, whether it is with a domain, website, or online store. Get started with your free trial today, and when ready, take 10% off your first purchase with offer code 'EXPERTS'.


Author Comment

ID: 20324069
Inside the shared folder on server, there are 10-14 subfolders, i want to give all the users to access that shared folder but like to restrict to access the some of the sub folders
I don't think i can create 2 shared folder ...since i don't want to store subfolders on 2 different shared folders.
$ sign is good option but it is going to apply to all users.
LVL 26

Expert Comment

ID: 20324079
The share being a hidden share is kind of moot if you map a drive to the share as part of the logon script.

The users that have access get a mapped drive to the hidden share; the ones who don't, well, don't. :-)

LVL 30

Expert Comment

ID: 20324111
You can also configure Access-Based Enumeration at the top-level share. By restricting permissions on sub-folders underneath the top-level share, users will only see those folders to which they have been granted permission: http://www.microsoft.com/windowsserver2003/techinfo/overview/abe.mspx

Author Comment

ID: 20348359
ok i just want to access denied for certain user on certail subfolder it doesn't matter even if they can see the folder, but it should prompt "Access denied" error

Assisted Solution

h11 earned 80 total points
ID: 20376787
can you just not go to the security tab on the folder you do not want users accessing and remove their names or groups. click on security, advanced uncheck inherit from parent permissions when window opens up say copy. click on ok now go back and remove users from the security.  test it the users should now be able see the folder but have no access to the folder.

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
The article explains the process to deploy a Self-Service password reset portal I developed a few years ago. Hopefully, it will prove useful to someone.  Any comments, bug reports etc. are welcome...
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

597 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question