Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Shared Folder Permissions

Posted on 2011-09-17
8
Medium Priority
?
244 Views
Last Modified: 2012-05-12
Hello, I'm looking to setup a file dropbox on our file servers running W2k3 and W2k8 Server. The idea is that staff on the LAN will drop files into this folder via a mapped drive. The problem is that I need the person dropping the file into this network drive to do so without being able to see the contents of the folder. Similar to ftp uploads were you can write to it but you do not have list persmissions. This is for internal LAN use only.

It is important that staff can not see what others have droped into the folder, Can it be done (I can't see how) and if yes how do i go about it. FTP is not an option, IIS is if possible. It needs to be as simple as opening the folder and copying in files. On refresh the user will not see any files including their own. Any solution other than FTP would be great.

Thanks, Aelara.
0
Comment
Question by:Aelara
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 17

Expert Comment

by:Chris Millard
ID: 36554773
Could you try changing the permissions so that users have write and modify access but not read and execute?
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 36555183
What if you set up a little service to watch the folder and move any files that appear?  It could poll for files every 5 seconds or so and them move them to a safe place.   If you know Visual Studio you could make this using the FileSystemWatcher project.  If you just want to buy something off the shelf I don't know... you could do it with Robo-FTP but it would be strange to use an FTP automation client to just move files around the LAN.  Some searching might turn up other options.
0
 
LVL 4

Accepted Solution

by:
duffme earned 1400 total points
ID: 36556222
You don't want the uploader to see what they've uploaded, or just other uploaded data?  There is a special group called CREATOR OWNER.  You can grant only this group and other necessary groups permissions to the upload share and remove the Everyone/Authenticated Users rights.  Just assign WRITE  permissions without using Read, Modify, etc.
0
Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 23

Assisted Solution

by:yo_bee
yo_bee earned 600 total points
ID: 36556242
I do not think it is possible to have someone have Write access to a share, but hide th content.  
You are sort of negating the ACL you are trying to allow.

When it comes to Windows FTP you still will see the files since they are in the same folder.

You will need to do something like ALEXPACE suggested.
I would recommend ROBOCOPY (Free download for 2003 or already part of 2008).
This will monitor the folder for changes and when it see's one it will then mov the file.  
robocopy "source" "dest" /mov /MON:1 /log+:"logfilename".log
The other is to run the number of minutes there is between each pass.
robocopy "source" "dest" /MOV /MOT:1 /LOG+:"logfilename".log
Have this as a scheduled startup batch.
0
 
LVL 4

Expert Comment

by:duffme
ID: 36556281
I forgot to mention: once a user copies data to a drive with no read access they can not confirm that the copy was successful and may try to do so again.  If you go with CREATOR OWNER and and don't care that the user sees what they themselves copied then it is easier.  You could always run a script periodically to set all permissions on existing data so users don't see even their own uploads.
0
 

Author Comment

by:Aelara
ID: 36556291
Thank you all for the info, I'm not concerned about individuals being able to see their own files, I simply need them not to see other peoples files. I'll give it a go tomorrow.

Regards, A.
0
 
LVL 23

Expert Comment

by:yo_bee
ID: 36556307
Like I said, they will see them, but will not be able to open them.
There is no way to find the file with NTFS.

The best way to hide the files is to have them moved upon uploading.

0
 

Author Closing Comment

by:Aelara
ID: 36587129
It's worked, Many thanks.
0

Featured Post

Ransomware-A Revenue Bonanza for Service Providers

Ransomware – malware that gets on your customers’ computers, encrypts their data, and extorts a hefty ransom for the decryption keys – is a surging new threat.  The purpose of this eBook is to educate the reader about ransomware attacks.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Suggested Courses

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question