[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 368
  • Last Modified:

File sharing on windows server 2003

ok, i feel like this is an easy one but i am having a problem with this.

i created a file server that has several shares, i have created several groups that will access these shares.  my question is how can i make these shares invisible to everyone else with respect to the account logged in.

i.e. i log in and want to only see what i have access.


thanks
0
johnkesoglou
Asked:
johnkesoglou
1 Solution
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
I'm quite sure if this is what you're asking, but the only way to make a share "invisible" - that is, when you browse the server's name, you don't see it listed in the available shares - is to append a dollar sign - $ - to it's name.  For example:

\\Server\Share   <- is browseable by anyone looking at the server from the network
\\server\share$   <- is NOT browsable by anyone looking at the server from the network. (You have to know the share is there or you don't get access.

Other than that, you cannot hide the share.
0
 
rizla7Commented:
you don't need to make them invisible. set the share permission to everyone 'read and change'

on the parent folder where the share is located ie: (parentfolder/sharename). set 'users' to have only read rights 'for this folder only' in ntfs permissions. on the sharename set whatever permissions on groups.

they wont be invisibile, but they will be inaccesible.

0
 
johnkesoglouAuthor Commented:
lee

this sounds like a viable option and the least destructive on permissions - now i have not tested this theory but if i added for example \\server\share$  into a login script for a specific group it would map that drive making all subfolders visible.  right?  


0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
Lee W, MVPTechnology and Business Process AdvisorCommented:
The only difference between

\\server\share
and
\\server\share$

is that when you view
\\server

the share is not displayed in the view of the server resources.

As for permissions, it's an entirely NEW share - you can't simply change the share name.  If you set Share permissions, they are effectively gone.  If you use NTFS permissions, there is ABSOLUTELY NO EFFECT on permissions (this is one of the reasons I almost NEVER set share level permissions.  NTFS permissions are granular and not affected by share permissions; when I do set share permissions, it's either Read Only or FULL ACCESS - and that's typically for admins vs. everyone else).
0
 
rizla7Commented:
if you make an administratice share ($ suffix) it will be invisible to everyone.

two possibilities here.

1. create separate folders for each 'display group' and put links to the shares in there. this would involve a lot of administrative overhead, since each possible group combination has to be taken into account.

2. do the same thing except with DFS.

there really is no solution to what you are asking i think.
0
 
ChiefITCommented:
The $ sign is one option. Also there is a tool called Access Based Enumeration where the share will be invisible to everyone except those that have permissions to it.

http://technet.microsoft.com/en-us/library/cc784710(WS.10).aspx

"Access-based Enumeration is a new feature included with Windows Server 2003 Service Pack 1. This feature allows users of Windows Server 2003–based file servers to list only the files and folders to which they have access when browsing content on the file server. This eliminates user confusion that can be caused when users connect to a file server and encounter a large number of files and folders that they cannot access."

Either using $ sign or ABE will work for you.

0
 
rizla7Commented:
either that or just create separate DFS roots... imo DFS is the way to go,lol $.. funny hacks.
0

Featured Post

Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now