Windows 2008 Access Based Enumeration
Posted on 2012-08-17
We have a Windows 2008 Active Directory environment with Windows 7 workstations. We have a shared drive at the root of the share, the users have Read attributes, Read extended attributes and List. Within this folder, are folders assigned to different groups. When a user logs in, he has access to the contents within the folder which he has rights to but he can see all of the other folders. For example, at the root folder the AllStaff group has the three rights within the folder each other is assigned rights only to the appropriate group and domain admins. Inherited rights were not allowed to propagate to the sub folders. When he doubles clicks on one of then, a message is displayed indicating that the folder is no longer available. We have checked the ABE box from the File and Sharing area of the Fileserver Role. Is it correct that the only folders visible should be the ones to which a user has explicit rights? Are we missing something? Thanks for any help.