randy915
asked on
Deny read permission in Active Directory
We have a few users that logs in through RRAS VPN and then maps a network drive to a specific folder; however, when I was testing their access rights I notice I can see the other shared folders. How can I limit their read access to that one specific folder and nothing else?
Deny permissions on the other folders.
right click the folder then select properties.
click on the sharing tab and then click the permisiions button.
uncheck the "read" box and click ok all the way out.
That should do the trick.
Hope this helps
click on the sharing tab and then click the permisiions button.
uncheck the "read" box and click ok all the way out.
That should do the trick.
Hope this helps
Do you mean you don't want them to see the contents of those other shares; or you don't want those shares to even be visible?
ASKER
Not working... -_-?
Let's just say if I have 3 folders:
E:\bits
E:\backup
E:\data
and I want to the VPN users to only see the \data\ folder. I right-click on \data\, choose Sharing and Security then click Permissions under the Sharing tab. I have domain admin with full control and one of the VPN user accounts with Deny on all 3 checkboxes. I tested his account and I'm still able to see the other 2 folders.
I even went into the Security tab and added the VPN user then denied all boxes. Am I missing something? I thought Deny takes precedent over all other permissions. What about permission inheritence? Are the folders inheriting some other permission from the root E:\ permission?
Let's just say if I have 3 folders:
E:\bits
E:\backup
E:\data
and I want to the VPN users to only see the \data\ folder. I right-click on \data\, choose Sharing and Security then click Permissions under the Sharing tab. I have domain admin with full control and one of the VPN user accounts with Deny on all 3 checkboxes. I tested his account and I'm still able to see the other 2 folders.
I even went into the Security tab and added the VPN user then denied all boxes. Am I missing something? I thought Deny takes precedent over all other permissions. What about permission inheritence? Are the folders inheriting some other permission from the root E:\ permission?
ASKER
I'm sorry, I meant to say do those steps to the bits and backup folder.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.