?
Solved

Shared Folder Permissions

Posted on 2011-09-17
8
Medium Priority
?
257 Views
Last Modified: 2012-05-12
Hello, I'm looking to setup a file dropbox on our file servers running W2k3 and W2k8 Server. The idea is that staff on the LAN will drop files into this folder via a mapped drive. The problem is that I need the person dropping the file into this network drive to do so without being able to see the contents of the folder. Similar to ftp uploads were you can write to it but you do not have list persmissions. This is for internal LAN use only.

It is important that staff can not see what others have droped into the folder, Can it be done (I can't see how) and if yes how do i go about it. FTP is not an option, IIS is if possible. It needs to be as simple as opening the folder and copying in files. On refresh the user will not see any files including their own. Any solution other than FTP would be great.

Thanks, Aelara.
0
Comment
Question by:Aelara
  • 2
  • 2
  • 2
  • +2
8 Comments
 
LVL 17

Expert Comment

by:Chris Millard
ID: 36554773
Could you try changing the permissions so that users have write and modify access but not read and execute?
0
 
LVL 16

Expert Comment

by:AlexPace
ID: 36555183
What if you set up a little service to watch the folder and move any files that appear?  It could poll for files every 5 seconds or so and them move them to a safe place.   If you know Visual Studio you could make this using the FileSystemWatcher project.  If you just want to buy something off the shelf I don't know... you could do it with Robo-FTP but it would be strange to use an FTP automation client to just move files around the LAN.  Some searching might turn up other options.
0
 
LVL 4

Accepted Solution

by:
duffme earned 1400 total points
ID: 36556222
You don't want the uploader to see what they've uploaded, or just other uploaded data?  There is a special group called CREATOR OWNER.  You can grant only this group and other necessary groups permissions to the upload share and remove the Everyone/Authenticated Users rights.  Just assign WRITE  permissions without using Read, Modify, etc.
0
Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

 
LVL 25

Assisted Solution

by:yo_bee
yo_bee earned 600 total points
ID: 36556242
I do not think it is possible to have someone have Write access to a share, but hide th content.  
You are sort of negating the ACL you are trying to allow.

When it comes to Windows FTP you still will see the files since they are in the same folder.

You will need to do something like ALEXPACE suggested.
I would recommend ROBOCOPY (Free download for 2003 or already part of 2008).
This will monitor the folder for changes and when it see's one it will then mov the file.  
robocopy "source" "dest" /mov /MON:1 /log+:"logfilename".log
The other is to run the number of minutes there is between each pass.
robocopy "source" "dest" /MOV /MOT:1 /LOG+:"logfilename".log
Have this as a scheduled startup batch.
0
 
LVL 4

Expert Comment

by:duffme
ID: 36556281
I forgot to mention: once a user copies data to a drive with no read access they can not confirm that the copy was successful and may try to do so again.  If you go with CREATOR OWNER and and don't care that the user sees what they themselves copied then it is easier.  You could always run a script periodically to set all permissions on existing data so users don't see even their own uploads.
0
 

Author Comment

by:Aelara
ID: 36556291
Thank you all for the info, I'm not concerned about individuals being able to see their own files, I simply need them not to see other peoples files. I'll give it a go tomorrow.

Regards, A.
0
 
LVL 25

Expert Comment

by:yo_bee
ID: 36556307
Like I said, they will see them, but will not be able to open them.
There is no way to find the file with NTFS.

The best way to hide the files is to have them moved upon uploading.

0
 

Author Closing Comment

by:Aelara
ID: 36587129
It's worked, Many thanks.
0

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
Suggested Courses
Course of the Month3 days, 11 hours left to enroll

599 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question