Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Controlling who can view, edit, delete files within an office network

Status
Not open for further replies.

Mizugori

Programmer
May 21, 2007
56
US
If you have an office network, and you want to make it so that different departments have access to different files, what is the best way of doing this?

My first idea was to create a number of folders on one of the server drives, such as HR, IT, ACCOUNTING, etc... and have each department store their files in their respective folders. Then I want to make groups in Active Directory, and add the users accounts to the group for the department they work in. Then, I will set the file permissions for that group for each of these folders.

Is this a sound plan, or not? Is there a better way? Also, is there a way to make it so that the folders one does not have access to, are not even visible to them?

Thanks!
 
That is exactly the way most people do it.

To hide folders, download and install ACE from the MS site.
 
Or you could make them hidden shares by adding a $ to the end of the share name.

Example:

\\server\share would show if someone browsed to the server
\\server\share$ would not show if someone browsed to the server

You map it the same way as a normal share (i.e. net use s: \\server\share$)

h
 
hi,
... Controlling ...
what you mean ?

If you inted "who" "can" "do something" ,
all above solutions are good and probaply exist others,

but usually responsibles of departments need to know :

"who" "has done" "something"

created,
deletetd,
but more very important: modified,
a file ?

There is no way to do this without a specific SW,
that tracks this on a DB which contains Office data inside it(CRM software) or points to a vault with documents on which a service has super protected private ownership (PDM sw in technical environments)

ciao
vittorio
 
Use Access Based Enumeration for this problem:

Windows Server 2003 Access-based Enumeration makes visible only those files or folders that the user has the rights to access. When Access-based Enumeration is enabled, Windows will not display files or folders that the user does not have the rights to access.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top