?
Solved

Applying NTFS Permissions to folders

Posted on 2008-06-25
5
Medium Priority
?
381 Views
Last Modified: 2012-06-22
In our company, we create Shares for each department and we give Full control to everyone as a share permission.
Then we receive requests from department managers asking us to create specific  folders under the share and give users permissions (Read/Write. etc.....) some folders go deep when creating subfolders
and some users are not allowed even to see the names of some subfolders, I would like to give permissions to read or write to a users at certain subfolder without enabling him to see the hierarchy of other folders and subfolders. How do I achieve this?
I would just create  a share for each folder or subfolder they request but The policy in our IT dept doesn't allow us to do that? other than a share for a department we are not allowed to create more shares.
Thanks
 
0
Comment
Question by:jskfan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 4

Expert Comment

by:HoLoCroNs
ID: 21871612
There is an advanced permission called Traverse Folder, this is the permission needed for a user to browse through a directory without having to view the contents of the directory. Add traverse folder permissions to the root folder and start to test with stricter permissions on the sub folders. By using a combination of traverse, read, write you can achieve your desired results.
0
 
LVL 7

Assisted Solution

by:Christopher Martinez
Christopher Martinez earned 400 total points
ID: 21871621
You can specify folders in folders rights that differ from parent rights. However when attempting to do so be sure to not allow rights to be inherited from parent folders. This will alow that user rights to prior folders. In doing this, you will have to go straight to the folder as they wlil not have rights to browse to this folder. In order to do these permissions, you iwll have to go to Advanced under security tab and modify rights there.
0
 
LVL 12

Assisted Solution

by:Serge Fournier
Serge Fournier earned 200 total points
ID: 21871652
you can create a few http drives in iis, and in them, remove the "list file" permissions in iis

then in logon script, map http drives instead of the shares

but this is a big boat i would not get in :P
0
 

Author Comment

by:jskfan
ID: 21892137
HoLoCroNs: do I need to I apply Traverse folder at the share level?
0
 
LVL 4

Accepted Solution

by:
HoLoCroNs earned 1400 total points
ID: 21908840
Traverse is found in the advanced NTFS permissions of the directory you are sharing.

Will they allow you setup a hidden share for these subdirectories? If so you can map the users directly to the hidden share.
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is written by John Gates, CISSP. Gates, the SNUG President-Elect, currently holds the position of Manager of Information Systems at Lake Park High School in Roselle, Illinois.
Check out the latest tech news, community articles, and expert highlights in August's newsletter.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question