Solved

Allow access to just one sub folder using NTFS permissions accessing via RWW

Posted on 2014-04-22
4
1,267 Views
Last Modified: 2014-04-22
Hi all,

I'm having a really hard time trying to get the right way to share a folder for a user on a 2011 SBS server.

I will try to simplify the setup and question as best I can.

The main document share on the server all hangs off a folder called D:\Public.  Under that we have Folder A, Folder B, Folder C etc.   Under each of those folders are many subfolders and under those many many more sub folders.

All users were set up to have full control of D:\Public and all sub folders at both share and file level.

A new consultant has just started and only accesses server documents using Remote Web Working.  The new consultant needs to be denied access to absolutely everything on the share except one sub folder all the way down the tree (Let's say D:\Public\Folder B\Clients\Smith\Jones\Projects\4)

I think I am massively over thinking and complicating this but the only way I can think of making sure he can't see anything other than the one folder is to grant access to D:\Public then go in and add the user to all subfolders and select deny apart from the one sub folder he needs.  Unfortunately due to the sheer number of folders this takes ages.  

Can someone please tell me if I can just grant access to one sub folder which will allow them access via the shared folder option in RWW but will not even show the existence of any other folder above it?

Thanks

Adam
0
Comment
Question by:amlydiate
  • 2
  • 2
4 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 40014975
Create a new share just for that sub-folder and give him access to that (only).
0
 

Author Comment

by:amlydiate
ID: 40015096
Trouble is I've made a rod for my own back by granting "Everyone" access at the top level, therefore even if I just share the sub folder to the one person they are still going to get access to everything else unless I deny permissions to all other folders...
0
 
LVL 70

Accepted Solution

by:
KCTS earned 500 total points
ID: 40015141
Deny should only be used in exceptional circumstances.
Its easy to opt for the 'quick fix' and grant permissions for everyone, more often than not this complicates matters further down the line.
I would re-visit the way you have set out the access with a view to removing permissions for 'everyone'
0
 

Author Closing Comment

by:amlydiate
ID: 40015210
Thanks for your help
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A quick step-by-step overview of installing and configuring Carbonite Server Backup.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
This tutorial will give a an overview on how to deploy remote agents in Backup Exec 2012 to new servers. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as connecting to a remote Back…
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question