Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Folder Permissions
- Thread starter dmcse
- Start date
it hides the folder from regular users, and prevent them to access it. It is similar to set a file as hidden, "only those who know" that the file has that setting will be able to get to it.You wont see it but it is there.
A+, MCP, CCNA
marbinpr@hotmail.com
"I just know that I know nothing"
Socrates (469-399 B.C.E.)
A+, MCP, CCNA
marbinpr@hotmail.com
"I just know that I know nothing"
Socrates (469-399 B.C.E.)
The $ at the end prevents the folder from appearing in the browser window, but does not stop anyone who knows the folder name from connecting to it. A better way is to build the standard share, then put a lower level directory in the directory that has been shared.
Set the permissions on this subdirectory to deny access to all who do not belong (they will not be able to display directory contents if denied access, but can still see the directory exists), and set specific permieeions to each user, depending on how you wish to control their access. This way the users can see the directory is there, but can not access unless their permissions allow it. Likewise, users will be able to easily find the correct share point with their browser.
Remember that with a share, when accessing via the network share, both the share permissions and the directory permissions are applied, with the most restrictive controlling the access. Of course, all this assumes you are using NTFS file format so that protection will apply!
Hiding with $ in the name really does not provide anything but a false feeling of security.
HTH
David
Set the permissions on this subdirectory to deny access to all who do not belong (they will not be able to display directory contents if denied access, but can still see the directory exists), and set specific permieeions to each user, depending on how you wish to control their access. This way the users can see the directory is there, but can not access unless their permissions allow it. Likewise, users will be able to easily find the correct share point with their browser.
Remember that with a share, when accessing via the network share, both the share permissions and the directory permissions are applied, with the most restrictive controlling the access. Of course, all this assumes you are using NTFS file format so that protection will apply!
Hiding with $ in the name really does not provide anything but a false feeling of security.
HTH
David
David is correct. The use of the $ sign is avantagous only if you don't want anyone to see these shares in the browser.
For me this is very useful when I don't want the users to know that these folders exist at all, even if I have restricted the access of the folders. The less kludges, the better. The profiles share, for instance, is more a system share, and I don't need users to go in there and save documents there by pure ignorance.
My administrator shares are also hidden. Why putting these shares in view when they are of no use to the users, beside confusing them a bit more.
The simplest for the users - the less problems for the IT guys.
For me this is very useful when I don't want the users to know that these folders exist at all, even if I have restricted the access of the folders. The less kludges, the better. The profiles share, for instance, is more a system share, and I don't need users to go in there and save documents there by pure ignorance.
My administrator shares are also hidden. Why putting these shares in view when they are of no use to the users, beside confusing them a bit more.
The simplest for the users - the less problems for the IT guys.
- Thread starter
- #7
Many Thanks to you all for your valuable Input. I am really trying to streamline the browsing. What I am trying to accomplish is to have a share with all user files in it, and each user, when connected to the share should only see his/her file, instead of the whole contents of the share. Wonder whther this is possible, without creating a ton of shares for each file.
Any thoughts?
Thanks
DM
Any thoughts?
Thanks
DM
One way would be to put a share on each users area, open only to them, but this is a lot of shares to set up if you have a lot of users.
You can reduce the number of shares by organizing the user directories in some manner under subdirectories (say A-c, d-f, etc.)(alphebetically?) and then share the user space in blocks small enough that the user does not have to scroll down through a large number of subdirectories to get to their own location.
Should also be possible (I seem to recall this from some where, but I am not positive about this, so try it) to set up the major share at the top level, but set the user's actual mapping all the way down to their subdirectory level, so when they access, they come in at their own subdirectory.
HTH
David
You can reduce the number of shares by organizing the user directories in some manner under subdirectories (say A-c, d-f, etc.)(alphebetically?) and then share the user space in blocks small enough that the user does not have to scroll down through a large number of subdirectories to get to their own location.
Should also be possible (I seem to recall this from some where, but I am not positive about this, so try it) to set up the major share at the top level, but set the user's actual mapping all the way down to their subdirectory level, so when they access, they come in at their own subdirectory.
HTH
David
- Thread starter
- #9
Hi All,
In exasperation, I booked a support call to Microsoft, and they confirmed, that unlike NDS in Novell, where it is possible to hide files to certain users, Windows 2000/2003/XP do not have that option built in. Apparently, the documentation for this option is in the pipeline, but the closest they have come so far is to hide user profiles etc. Microsoft may improve on it in their future Versions.
Thank you all for your Input. Appreciate it very much, and thanks for this great Forum. Keep it up !!
DM
In exasperation, I booked a support call to Microsoft, and they confirmed, that unlike NDS in Novell, where it is possible to hide files to certain users, Windows 2000/2003/XP do not have that option built in. Apparently, the documentation for this option is in the pipeline, but the closest they have come so far is to hide user profiles etc. Microsoft may improve on it in their future Versions.
Thank you all for your Input. Appreciate it very much, and thanks for this great Forum. Keep it up !!
DM
- Status
Similar threads
- Locked
- Question
