CrimeScene
IS-IT--Management
- Jul 5, 2003
- 59
Hello.
On my server, at the root level, I've set USERS to have "List Folder Contents" security only. Then, I've delegated authorization as needed for specific Groups to specific folders.
This setting allows USERS to browse the entire folder structure even though they can only open files they're authorized to.
My question is .. how can I prevent USERS from seeing the actual file names within folders that they're not authorized to? I've tried tweaking the Advanced security options for USERS, but nothing seemed to work .. except that I prevented USERS from browsing the folders completely! That's bad because there may be a sub-folder that USERS *DOES* have access to, but not the parent folder. Therefore, I want them to be able to "click" through Network Neighborhood, drilling down to the sub-folder that they have access to. The only way I could get this scenario to work was by setting USERS to "LIST FOLDER CONTENTS" and nothing more. Yet, to reiterate, USERS can now see the names of files in Folders they don't have authority to ... and I want to prevent that.
Any insight would be appreciated. Thank you.
On my server, at the root level, I've set USERS to have "List Folder Contents" security only. Then, I've delegated authorization as needed for specific Groups to specific folders.
This setting allows USERS to browse the entire folder structure even though they can only open files they're authorized to.
My question is .. how can I prevent USERS from seeing the actual file names within folders that they're not authorized to? I've tried tweaking the Advanced security options for USERS, but nothing seemed to work .. except that I prevented USERS from browsing the folders completely! That's bad because there may be a sub-folder that USERS *DOES* have access to, but not the parent folder. Therefore, I want them to be able to "click" through Network Neighborhood, drilling down to the sub-folder that they have access to. The only way I could get this scenario to work was by setting USERS to "LIST FOLDER CONTENTS" and nothing more. Yet, to reiterate, USERS can now see the names of files in Folders they don't have authority to ... and I want to prevent that.
Any insight would be appreciated. Thank you.