Solved

Shared Folder Permissions

Posted on 2011-09-17
8
228 Views
Last Modified: 2012-05-12
Hello, I'm looking to setup a file dropbox on our file servers running W2k3 and W2k8 Server. The idea is that staff on the LAN will drop files into this folder via a mapped drive. The problem is that I need the person dropping the file into this network drive to do so without being able to see the contents of the folder. Similar to ftp uploads were you can write to it but you do not have list persmissions. This is for internal LAN use only.

It is important that staff can not see what others have droped into the folder, Can it be done (I can't see how) and if yes how do i go about it. FTP is not an option, IIS is if possible. It needs to be as simple as opening the folder and copying in files. On refresh the user will not see any files including their own. Any solution other than FTP would be great.

Thanks, Aelara.
0
Comment
Question by:Aelara
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 17

Expert Comment

by:Chris Millard
ID: 36554773
Could you try changing the permissions so that users have write and modify access but not read and execute?
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 36555183
What if you set up a little service to watch the folder and move any files that appear?  It could poll for files every 5 seconds or so and them move them to a safe place.   If you know Visual Studio you could make this using the FileSystemWatcher project.  If you just want to buy something off the shelf I don't know... you could do it with Robo-FTP but it would be strange to use an FTP automation client to just move files around the LAN.  Some searching might turn up other options.
0
 
LVL 4

Accepted Solution

by:
duffme earned 350 total points
ID: 36556222
You don't want the uploader to see what they've uploaded, or just other uploaded data?  There is a special group called CREATOR OWNER.  You can grant only this group and other necessary groups permissions to the upload share and remove the Everyone/Authenticated Users rights.  Just assign WRITE  permissions without using Read, Modify, etc.
0
 
LVL 21

Assisted Solution

by:yo_bee
yo_bee earned 150 total points
ID: 36556242
I do not think it is possible to have someone have Write access to a share, but hide th content.  
You are sort of negating the ACL you are trying to allow.

When it comes to Windows FTP you still will see the files since they are in the same folder.

You will need to do something like ALEXPACE suggested.
I would recommend ROBOCOPY (Free download for 2003 or already part of 2008).
This will monitor the folder for changes and when it see's one it will then mov the file.  
robocopy "source" "dest" /mov /MON:1 /log+:"logfilename".log
The other is to run the number of minutes there is between each pass.
robocopy "source" "dest" /MOV /MOT:1 /LOG+:"logfilename".log
Have this as a scheduled startup batch.
0
How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

 
LVL 4

Expert Comment

by:duffme
ID: 36556281
I forgot to mention: once a user copies data to a drive with no read access they can not confirm that the copy was successful and may try to do so again.  If you go with CREATOR OWNER and and don't care that the user sees what they themselves copied then it is easier.  You could always run a script periodically to set all permissions on existing data so users don't see even their own uploads.
0
 

Author Comment

by:Aelara
ID: 36556291
Thank you all for the info, I'm not concerned about individuals being able to see their own files, I simply need them not to see other peoples files. I'll give it a go tomorrow.

Regards, A.
0
 
LVL 21

Expert Comment

by:yo_bee
ID: 36556307
Like I said, they will see them, but will not be able to open them.
There is no way to find the file with NTFS.

The best way to hide the files is to have them moved upon uploading.

0
 

Author Closing Comment

by:Aelara
ID: 36587129
It's worked, Many thanks.
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Join & Write a Comment

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
The recent Microsoft changes on update philosophy for Windows pre-10 and their impact on existing WSUS implementations.
This tutorial will show how to push an installation of Backup Exec to an additional server in both 2012 and 2014 versions of the software. Click on the Backup Exec button in the upper left corner. From here, select Installation and Licensing, then I…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now