Solved

Hiding folders for non members

Posted on 2009-06-30
6
252 Views
Last Modified: 2012-05-07
Hi all. I have a couple of users that connects to one of my servers via vpn to a wondows 2003 server.

They have their own folders set up, like this:

\\server\usera
\\server\userb

The problem is that in givien situations, they can see eachothers folders, for instance if they type \\server.

Is there a way that i can set the system up so that the users can oly see their own folder?
0
Comment
Question by:ols2
  • 3
  • 2
6 Comments
 
LVL 83

Expert Comment

by:oBdA
ID: 24743605
These are not folders, these are shares. You can hide shares by adding a $ to the end of the share name; this will of course require that you change the home folder path accordingly.
But unless you still have Windows NT4 clients, there is no need to individually share home folders. You can simply share the home folder root as "Home$" or whatever, then use \\server\home$\userX as path to the home drive.
Either way, to make sure users aren't accessing each other's home drives, only Administrators, System, and the respective user account should have permissions in the user folders.
0
 
LVL 83

Expert Comment

by:oBdA
ID: 24743621
Oh, and on a side note: to actually hide folders on a file server that users don't have permissions to access, you can activate Access Based Enumeration for the share that the users are accessing the folder. The functionality is included since W2k3 SP1, the download just installs the management tools.
Windows Server 2003 Access-based Enumeration
http://www.microsoft.com/downloads/details.aspx?FamilyID=04A563D9-78D9-4342-A485-B030AC442084
0
 
LVL 2

Expert Comment

by:mikesheard
ID: 24743864
Standard procedure is to share all folders from the level above for authenticated users so they can see the folder structure but to change the security on each to be the user only (plus local/domain admins etc of course) so they can only access their own.

That should sort it.
0
What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

 

Author Comment

by:ols2
ID: 24743980
@oBdA
Will Access Based Enumeration also work on mapped drives?
Because i had already installed Access Based Enumeration, and when i type in \\servername instead of \\servername\userfolder, i still get to see all the other shares. I can not access them, but they are visible.

I have created groups for the folders, since there are several users that have rights to one folder, not one user pr. folder. The user is a member of the group, nothing else, and the share is given to the group, and nothing else.

Hope that made any kind of sence ...
0
 
LVL 83

Accepted Solution

by:
oBdA earned 500 total points
ID: 24744015
Again: when you type \\servername, you'll see the shares on the server, not folders; ABE only hides folders by checking the NTFS permissions. The only way to hide shares is to add the $ at the end of the share name (which obviously requires remapping the existing drives). Just try it with a test share.
Note that there is more than one tool out there that is able to enumerate hidden shares as well, so hiding them is not a security implementation.
0
 

Author Closing Comment

by:ols2
ID: 31598271
I will pursue the $ solution. Thanx!
0

Featured Post

[Webinar] Disaster Recovery and Cloud Management

Learn from Unigma and CloudBerry industry veterans which providers are best for certain use cases and how to lower cloud costs, how to grow your Managed Services practice in IaaS clouds, and how to utilize public cloud for Disaster Recovery

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now