Allow user to open a file from an Application, but not let them access the file through windows explorer
I have an application that allow users to open drawings for parts (Pdf Files) from a Link in our ERP. The files are stored in a directory called DWG (we use dfs) on a file server.
I don't want the user to "see" the files in the dwg folder, I only want them to be able to open the files using our ERP application. I have tried tweaking security but it seems like I have to give them read and list to be able to view the files.
Is there anything I can do to a folder that allows them to open a file in read only from a hyperlink that does not allow them to go to the folder itself and list / open files?
Our Erp shows the file path, so using a hidden share would not help.
Any Help is Appreciated.
I don't want the user to "see" the files in the dwg folder, I only want them to be able to open the files using our ERP application. I have tried tweaking security but it seems like I have to give them read and list to be able to view the files.
Is there anything I can do to a folder that allows them to open a file in read only from a hyperlink that does not allow them to go to the folder itself and list / open files?
Our Erp shows the file path, so using a hidden share would not help.
Any Help is Appreciated.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks guys.
We are using security in our ERP on who can open the programs that gets to the links.
We are trying to MAKE them use the ERP to get to the links as opposed to open the Folder and finding the file they want - that is why I would like to stop them from being able to list the folder contents - also we don't want them to be able to bulk print the drawings.
I have tired all kind of combinations of checking / unchecking Traverse Folder / Execute file, List folder / Read Permission.... none give me the desired results.
We are using security in our ERP on who can open the programs that gets to the links.
We are trying to MAKE them use the ERP to get to the links as opposed to open the Folder and finding the file they want - that is why I would like to stop them from being able to list the folder contents - also we don't want them to be able to bulk print the drawings.
I have tired all kind of combinations of checking / unchecking Traverse Folder / Execute file, List folder / Read Permission.... none give me the desired results.
ASKER
does not look like it is possible to be able to open a file in a folder and not have the user be able to traverse the folder and see the files and open them from there.
ASKER
I've requested that this question be closed as follows:
Accepted answer: 0 points for BFanguy's comment #a39736264
for the following reason:
does not look like this is possible.
Accepted answer: 0 points for BFanguy's comment #a39736264
for the following reason:
does not look like this is possible.
That is what I suggested to you in my post http://#a39726713
Accordingly you should accept a solution rather than your own comment which is the same thing.
... Thinkpads_User
Accordingly you should accept a solution rather than your own comment which is the same thing.
... Thinkpads_User
ASKER
agree, it is not possible to do what I wanted.
@BFanguy - Thanks for following up, and I was happy to help.
.... Thinkpads_User
.... Thinkpads_User
- Is the ERP application using windows AD as the access/authorization service or does it have its own?
- Meaning in order for users to get access the ERP app they have to be in a ERP group or does the ERP have a service account that handles the access and files?
If the ERP has the option to use a service account then it should have it's own access/auth system meaning you assign people groups to the files with in the ERP app.
If windows is controlling the access then you will have to look at how your folder structure is setup meaning ... nested folders with admin rights on the top and specific user/groups the more nested you go (this can get complicated and be a pain bc you will be adding/removing groups depending on what access).