Hiding folders for non members

Hi all. I have a couple of users that connects to one of my servers via vpn to a wondows 2003 server.

They have their own folders set up, like this:

\\server\usera
\\server\userb

The problem is that in givien situations, they can see eachothers folders, for instance if they type \\server.

Is there a way that i can set the system up so that the users can oly see their own folder?
ols2Asked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

oBdACommented:
These are not folders, these are shares. You can hide shares by adding a $ to the end of the share name; this will of course require that you change the home folder path accordingly.
But unless you still have Windows NT4 clients, there is no need to individually share home folders. You can simply share the home folder root as "Home$" or whatever, then use \\server\home$\userX as path to the home drive.
Either way, to make sure users aren't accessing each other's home drives, only Administrators, System, and the respective user account should have permissions in the user folders.
0
oBdACommented:
Oh, and on a side note: to actually hide folders on a file server that users don't have permissions to access, you can activate Access Based Enumeration for the share that the users are accessing the folder. The functionality is included since W2k3 SP1, the download just installs the management tools.
Windows Server 2003 Access-based Enumeration
http://www.microsoft.com/downloads/details.aspx?FamilyID=04A563D9-78D9-4342-A485-B030AC442084
0
mikesheardCommented:
Standard procedure is to share all folders from the level above for authenticated users so they can see the folder structure but to change the security on each to be the user only (plus local/domain admins etc of course) so they can only access their own.

That should sort it.
0
Newly released Acronis True Image 2019

In announcing the release of the 15th Anniversary Edition of Acronis True Image 2019, the company revealed that its artificial intelligence-based anti-ransomware technology – stopped more than 200,000 ransomware attacks on 150,000 customers last year.

ols2Author Commented:
@oBdA
Will Access Based Enumeration also work on mapped drives?
Because i had already installed Access Based Enumeration, and when i type in \\servername instead of \\servername\userfolder, i still get to see all the other shares. I can not access them, but they are visible.

I have created groups for the folders, since there are several users that have rights to one folder, not one user pr. folder. The user is a member of the group, nothing else, and the share is given to the group, and nothing else.

Hope that made any kind of sence ...
0
oBdACommented:
Again: when you type \\servername, you'll see the shares on the server, not folders; ABE only hides folders by checking the NTFS permissions. The only way to hide shares is to add the $ at the end of the share name (which obviously requires remapping the existing drives). Just try it with a test share.
Note that there is more than one tool out there that is able to enumerate hidden shares as well, so hiding them is not a security implementation.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ols2Author Commented:
I will pursue the $ solution. Thanx!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Legacy OS

From novice to tech pro — start learning today.