Solved

Windows Server 2008 - restrict user to one folder

Posted on 2012-04-03
7
2,098 Views
Last Modified: 2012-04-03
Hello,

my question is how to restrict user, so he can only see one folder (and has read/write privileges on it), and nothing else than that folder? In that folder I will put executable program, which is connected to database which will also be in that folder. (so, that folder contains one executable program and database file. User will also be able to create documents in that folder).

It is very important to restrict users not to see or change whole file system or run other programs on the server.

Is this possible on Windows Server 2008 R2?


Best Regards, Frenky
0
Comment
Question by:AntonioRodrigo
  • 4
  • 3
7 Comments
 
LVL 12

Accepted Solution

by:
Imtiaz Hasham earned 500 total points
ID: 37799742
Under security priviledges for that folder, give the user the write permissions.

For all other shared folders, deny the specific user rights.

If this is a regular occurance, you should use Groups to give these permissions and add the users to the folders.
0
 

Author Comment

by:AntonioRodrigo
ID: 37799804
thasmah, thanks a lot for answer - is it possible to prevent the user to see file system? So he can only see his desktop.
0
 
LVL 12

Expert Comment

by:Imtiaz Hasham
ID: 37799815
This would need to be applied via the group policy.

you can hide drive letters altogether.

If you want it for a single user, you need to move them to a different OU on the AD and then apply the GP there.
0
Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

 

Author Comment

by:AntonioRodrigo
ID: 37799872
Thanks again. Since I'm quite new to Windows Server administration - perhaps some link how to do this or any more detailed information?


Best regards, Frenky
0
 
LVL 12

Expert Comment

by:Imtiaz Hasham
ID: 37799891
you could add me to skype. username (all dots removed) i.h.a.s.h.a.m and I can guide you over skype with this :)
0
 

Author Comment

by:AntonioRodrigo
ID: 37799909
Thanks a lot )) I will add you as soon as I come home - I don't have skype on this computer, nor mic.
0
 
LVL 12

Expert Comment

by:Imtiaz Hasham
ID: 37799919
No worries.

Thanks for accepting the solution.

Let me know what time as I am usually tied up.
0

Featured Post

Are your AD admin tools letting you down?

Managing Active Directory can get complicated.  Often, the native tools for managing AD are just not up to the task.  The largest Active Directory installations in the world have relied on one tool to manage their day-to-day administration tasks: Hyena. Start your trial today.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A procedure for exporting installed hotfix details of remote computers using powershell
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question