file and folder visibility, on/off?

[cth2000 10]

I need to use a flat folder structure, and when different users logon to the folder the different folders within the shared folder should be visible and not visible to the respective groups.

 

Example:

User bosses: logs on to a company shared folder(public).

share: bosses

Permission: only bosses

(example--must share folders, files with the personel)

--(with out saying, YES I could make a seperate file share for this, but it is so wished)

 

User joe-normal: he logs on the public share and sees the folder bosses, ---this should not be visible, how do I make the folder visible to one group and not the other????

it is not enough that the user joe gets access denied, no it must be that he can not see the folders, and files. (this is possible in Novel for example)

one little information extra;

this can save someone there job, because if the files and folders are being audited, and joe trys a few times to get in the folder, or the files, he could be fired, If can not view them then i am saving his job for him.

 

Please help someone...

[grizzly999 11]

Sorry, but this cannot be done within Microsoft Operating Systems like it is possible in NetWare, due to the different design of security implementation in Windows and Novell.

 

You have to make different shares with different permissions to achieve this

 

 

grizzly999

[grizzly999 11]

Please: Don't use double- or triple posting in the board. It is only puzzling and has no further advantage. ;)

 

Thx

 

grizzly999

[ZAPnDUSTER 11]

I'd try to hide the shares by using the dollar char.

 

Like this: boss-share$

[grizzly999 11]

Original geschrieben von ZAPnDUSTER

I'd try to hide the shares by using the dollar char.

 

Like this: boss-share$

Useless cause you will see every folder withii the share even if you don't have any permission on it. But that's the requirement....

 

grizzly999

[ZAPnDUSTER 11]

It was just for the records, to hide shares someone can use the dollar sign.

 

Ok, you can't hide subfolders of a share. I agree on that.

 

@cth2000

Are you still here? ;)

[Damian 1.526]

@ cth2000

You can solve this problem with 3rd-party-software. Search in Google with the keywords "Hide Folders". ;)

 

Damian

[cth2000 10]

I have found the 3rd party program hide folders, but I can not get it to hide the folders for groups, it removes the entry in the "MFT" and the files and folders are no longer accessable until the "MFT" gets the entrys returned, (turning the software off)...

 

I really need a solution, and a 3rd party software that extends the DACL, or even BETTER would be a GPO extention in the ADS, or a .ADM file that has the ability to do what I need to do.

 

Anyone else have the talent of writing a .ADM template... I am to lazy and do not know if it would work?

 

Please so many have so many good ideas,,,, let us BRAIN STROM!

[grizzly999 11]

Ok, I really would help you, but cause of the the architecture, how access control and DACL checking is done in Windows, what you want to achive is not possible. And no brainstorming and no *.adm will help you. That's the fact, and you and the rest of the world have to live with it or to change the operating system or to workarond in the manner I told above ;) :(

 

grizzly999

[edv-olaf 10]

Original geschrieben von cth2000

I really need a solution,

 

,,, let us BRAIN STROM!

Well, as grizzly mentioned, there is no chance to let this work with MS-products because of the structure and the way the rights are managed.

 

In my opinion (sorry board-guys for the terrible idea) you should change the OS to work with a filesystem that is able to really hide the shares.

uhhmmm.... i. e. what about Linux Samba, or NetWare NFAP/CIFS? Both work excellent in that way you try to reach and it would be quiet easy to integrate these servers into your it-infrastructure.

 

No money? No knowlegde about? If it is really important the price doesn't matter.

 

Greetings

Olaf

 

PS:

this can save someone there job, because if the files and folders are being audited, and joe trys a few times to get in the folder, or the files, he could be fired,

Then you (or your boss) should blame the MS-engineers and developers which are responsible for this kind of sharing-secutiry.

[ZAPnDUSTER 11]

Btw: It works in MS Cluster environments:

http://www.microsoft.com/resources/documentation/WindowsServ/2003/enterprise/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/enterprise/proddocs/en-us/cluad_pr_76.asp

[grizzly999 11]

Yeah, cool.. I've forgotten about this :cool:

 

grizzly999

[edv-olaf 10]

If you want to prevent users from seeing the subdirectory shares when they browse the network, click Hide subdirectories shares, and then click OK.

Hey, great thing. But why is it required to buy and administrate a cluster? Why isn't it implemented in the "normal" Server?

 

Perhaps, MS saves that new feature for the Longhorn-server-version so everybody has a reason to buy it... :D:D:D