How can I prevent user to access.

[kutz]

Hi,
I have a database that is accessed through file sharing and it works great
in Win 2000 Server. My problem is how can I prevent users to browse the
shared directory in windows explorer or in any possible viewing, meaning the
Application only can only see the shared directory. How can I hide it. Im a
newbie in Win2K plattform.

Thanks in advance,
kutz

 

[TC]

I'm unsure if you can do this.
You can always put that database into a folder on it's
own and then share it that way?
Or just create permissions that allow only certain people
to access the share.
You can also make it a hidden share, but still people
will have access to it if they know the share name

 

[kutz]

Thanks TC for your prompt answer.

I'm unsure if you can do this.

You can always put that database into a folder on it's
own and then share it that way?

Cuurently it was shared on default meaning full access.

Or just create permissions that allow only certain people
to access the share.

Yes, we have permission for all the users i.e. read, write;

You can also make it a hidden share, but still people
will have access to it if they know the share name

How does it work? please. Meaning it is shared but not visible on the
Win Explorer nor in the Network Neigborhood

Thanks in advance,
kutz

 

[TC]

Hi again,

If it is the only thing in the shared folder, what is the
problem? Either way they are always going to have access
to the file anyhow...

And the hidden share means exactly that. It is shared,
but not visible in network places (neighbourhood). If it
is mapped you will be able to see the share name though.

To make a hidden share, name the share as normal but put
a $ at the end.
eg: \\servername\share is visible in network places
\\servername\share$ is not visible in network places, but
still accessible if the user types in that exact path
with the $

 

[kutz]

Thanks TC,
I think that's the only we can do for a moment.
Have you try restricting your user before in GP?
to solve that sort of predicament.

Cheers,
kutz

 

[Matthew Wetmore [MSFT]]

To really securely accomplish what you're trying to do, you'd need to have
the users interact with something like a service running with a particular
set of credentials, then secure the share to that set of credentials.
Essentially you'd need a custom application.

As other folks have mentioned, you can hide it - but you won't be able to
"secure" it if the user themselves can directly write to the file. You
can't secure something directly to an application.