Solved

Hiding folders for non members

Posted on 2009-06-30
6
283 Views
Last Modified: 2012-05-07
Hi all. I have a couple of users that connects to one of my servers via vpn to a wondows 2003 server.

They have their own folders set up, like this:

\\server\usera
\\server\userb

The problem is that in givien situations, they can see eachothers folders, for instance if they type \\server.

Is there a way that i can set the system up so that the users can oly see their own folder?
0
Comment
Question by:ols2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 85

Expert Comment

by:oBdA
ID: 24743605
These are not folders, these are shares. You can hide shares by adding a $ to the end of the share name; this will of course require that you change the home folder path accordingly.
But unless you still have Windows NT4 clients, there is no need to individually share home folders. You can simply share the home folder root as "Home$" or whatever, then use \\server\home$\userX as path to the home drive.
Either way, to make sure users aren't accessing each other's home drives, only Administrators, System, and the respective user account should have permissions in the user folders.
0
 
LVL 85

Expert Comment

by:oBdA
ID: 24743621
Oh, and on a side note: to actually hide folders on a file server that users don't have permissions to access, you can activate Access Based Enumeration for the share that the users are accessing the folder. The functionality is included since W2k3 SP1, the download just installs the management tools.
Windows Server 2003 Access-based Enumeration
http://www.microsoft.com/downloads/details.aspx?FamilyID=04A563D9-78D9-4342-A485-B030AC442084
0
 
LVL 2

Expert Comment

by:mikesheard
ID: 24743864
Standard procedure is to share all folders from the level above for authenticated users so they can see the folder structure but to change the security on each to be the user only (plus local/domain admins etc of course) so they can only access their own.

That should sort it.
0
What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

 

Author Comment

by:ols2
ID: 24743980
@oBdA
Will Access Based Enumeration also work on mapped drives?
Because i had already installed Access Based Enumeration, and when i type in \\servername instead of \\servername\userfolder, i still get to see all the other shares. I can not access them, but they are visible.

I have created groups for the folders, since there are several users that have rights to one folder, not one user pr. folder. The user is a member of the group, nothing else, and the share is given to the group, and nothing else.

Hope that made any kind of sence ...
0
 
LVL 85

Accepted Solution

by:
oBdA earned 500 total points
ID: 24744015
Again: when you type \\servername, you'll see the shares on the server, not folders; ABE only hides folders by checking the NTFS permissions. The only way to hide shares is to add the $ at the end of the share name (which obviously requires remapping the existing drives). Just try it with a test share.
Note that there is more than one tool out there that is able to enumerate hidden shares as well, so hiding them is not a security implementation.
0
 

Author Closing Comment

by:ols2
ID: 31598271
I will pursue the $ solution. Thanx!
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
It’s been over a month into 2017, and there is already a sophisticated Gmail phishing email making it rounds. New techniques and tactics, have given hackers a way to authentically impersonate your contacts.How it Works The attack works by targeti…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question