Solved

Allow access to just one sub folder using NTFS permissions accessing via RWW

Posted on 2014-04-22
4
1,247 Views
Last Modified: 2014-04-22
Hi all,

I'm having a really hard time trying to get the right way to share a folder for a user on a 2011 SBS server.

I will try to simplify the setup and question as best I can.

The main document share on the server all hangs off a folder called D:\Public.  Under that we have Folder A, Folder B, Folder C etc.   Under each of those folders are many subfolders and under those many many more sub folders.

All users were set up to have full control of D:\Public and all sub folders at both share and file level.

A new consultant has just started and only accesses server documents using Remote Web Working.  The new consultant needs to be denied access to absolutely everything on the share except one sub folder all the way down the tree (Let's say D:\Public\Folder B\Clients\Smith\Jones\Projects\4)

I think I am massively over thinking and complicating this but the only way I can think of making sure he can't see anything other than the one folder is to grant access to D:\Public then go in and add the user to all subfolders and select deny apart from the one sub folder he needs.  Unfortunately due to the sheer number of folders this takes ages.  

Can someone please tell me if I can just grant access to one sub folder which will allow them access via the shared folder option in RWW but will not even show the existence of any other folder above it?

Thanks

Adam
0
Comment
Question by:amlydiate
  • 2
  • 2
4 Comments
 
LVL 70

Expert Comment

by:KCTS
ID: 40014975
Create a new share just for that sub-folder and give him access to that (only).
0
 

Author Comment

by:amlydiate
ID: 40015096
Trouble is I've made a rod for my own back by granting "Everyone" access at the top level, therefore even if I just share the sub folder to the one person they are still going to get access to everything else unless I deny permissions to all other folders...
0
 
LVL 70

Accepted Solution

by:
KCTS earned 500 total points
ID: 40015141
Deny should only be used in exceptional circumstances.
Its easy to opt for the 'quick fix' and grant permissions for everyone, more often than not this complicates matters further down the line.
I would re-visit the way you have set out the access with a view to removing permissions for 'everyone'
0
 

Author Closing Comment

by:amlydiate
ID: 40015210
Thanks for your help
0

Featured Post

NAS Cloud Backup Strategies

This article explains backup scenarios when using network storage. We review the so-called “3-2-1 strategy” and summarize the methods you can use to send NAS data to the cloud

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I was supporting a handful of Windows 2008 (non-R2) 2 node clusters with shared quorum disks. Some had SQL 2008 installed and some were just a vendor application that we supported. For the purposes of this article it doesn’t really matter which so w…
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…

867 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now