[Last Call] Learn about multicloud storage options and how to improve your company's cloud strategy. Register Now

x
?
Solved

Hiding folders for non members

Posted on 2009-06-30
6
Medium Priority
?
295 Views
Last Modified: 2012-05-07
Hi all. I have a couple of users that connects to one of my servers via vpn to a wondows 2003 server.

They have their own folders set up, like this:

\\server\usera
\\server\userb

The problem is that in givien situations, they can see eachothers folders, for instance if they type \\server.

Is there a way that i can set the system up so that the users can oly see their own folder?
0
Comment
Question by:ols2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 85

Expert Comment

by:oBdA
ID: 24743605
These are not folders, these are shares. You can hide shares by adding a $ to the end of the share name; this will of course require that you change the home folder path accordingly.
But unless you still have Windows NT4 clients, there is no need to individually share home folders. You can simply share the home folder root as "Home$" or whatever, then use \\server\home$\userX as path to the home drive.
Either way, to make sure users aren't accessing each other's home drives, only Administrators, System, and the respective user account should have permissions in the user folders.
0
 
LVL 85

Expert Comment

by:oBdA
ID: 24743621
Oh, and on a side note: to actually hide folders on a file server that users don't have permissions to access, you can activate Access Based Enumeration for the share that the users are accessing the folder. The functionality is included since W2k3 SP1, the download just installs the management tools.
Windows Server 2003 Access-based Enumeration
http://www.microsoft.com/downloads/details.aspx?FamilyID=04A563D9-78D9-4342-A485-B030AC442084
0
 
LVL 2

Expert Comment

by:mikesheard
ID: 24743864
Standard procedure is to share all folders from the level above for authenticated users so they can see the folder structure but to change the security on each to be the user only (plus local/domain admins etc of course) so they can only access their own.

That should sort it.
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 

Author Comment

by:ols2
ID: 24743980
@oBdA
Will Access Based Enumeration also work on mapped drives?
Because i had already installed Access Based Enumeration, and when i type in \\servername instead of \\servername\userfolder, i still get to see all the other shares. I can not access them, but they are visible.

I have created groups for the folders, since there are several users that have rights to one folder, not one user pr. folder. The user is a member of the group, nothing else, and the share is given to the group, and nothing else.

Hope that made any kind of sence ...
0
 
LVL 85

Accepted Solution

by:
oBdA earned 2000 total points
ID: 24744015
Again: when you type \\servername, you'll see the shares on the server, not folders; ABE only hides folders by checking the NTFS permissions. The only way to hide shares is to add the $ at the end of the share name (which obviously requires remapping the existing drives). Just try it with a test share.
Note that there is more than one tool out there that is able to enumerate hidden shares as well, so hiding them is not a security implementation.
0
 

Author Closing Comment

by:ols2
ID: 31598271
I will pursue the $ solution. Thanx!
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Have you ever had a hard drive that you can't boot into, but need to change the registry? Here is the solution! This article guides you through accessing and editing a registry of a non-primary drive. To read registry information on a non-prim…
The password reset disk is often mentioned as the best solution to deal with the lost Windows password problem. In Windows 2008, 7, Vista and XP, a password reset disk can be easily created. But besides Windows 7/Vista/XP, Windows Server 2008 and ot…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question