How to hide folders that a user doesn't have access to

[David Jensen]

Hi,

In Win 2000 Server, when we give an individual access to a single folder and
there are other folders on the same level the user can see all the folders,
not just the one they have access to. If they click on the folders they
don't have security access to it will alert them that they don't have
access, but it is very frustrating to have them see folders that they can't
access. They get frustrated since they have to keep clicking on folders
till they see what they can access and I don't like users seeing at all the
folders that they can't access.

What is the right way to allow a user to see only the folders that they have
access to?

Thanks so much

 

[Torgeir Bakken \(MVP\)]

In Win 2000 Server, when we give an individual access to a single folder and
there are other folders on the same level the user can see all the folders,
not just the one they have access to. If they click on the folders they
don't have security access to it will alert them that they don't have
access, but it is very frustrating to have them see folders that they can't
access. They get frustrated since they have to keep clicking on folders
till they see what they can access and I don't like users seeing at all the
folders that they can't access.

What is the right way to allow a user to see only the folders that they have
access to?

Hi

NTFS doesn't support what you want (but if you are willing to
switch file server OS, Novell Netware does ;-)

 

[Dave]

you could map their drive to only the folder they need access to if there is
just one. maybe a better subdivision of folders could be made so that you
could map a drive for a group that needs the same set of folders. or just
give them a set of shortcuts to the folders they need so they don't have to
go through the explorer to find them.

 

[David Jensen]

It seems like this is such a basic issue, it is hard to imagine that such
ability doesn't exist. C'mon Microsoft! How do most companies work around
this limitation?

David

 

[David Jensen]

Does Windows Server 2003 handle this better?

David Jensen

 

[Torgeir Bakken \(MVP\)]

Does Windows Server 2003 handle this better?

Sadly, no

 

[Joe Richards [MVP]]

This functionality is lacking in many file systems. NTFS happens to be one of them.

Your options are to map the user directly to the folder they should be in or
tell them to not be frustrated.

 

[David Jensen]

When you say to "map the user directly to the folder they should be in", I
presume that you mean mapping on their local machine, don't you? Or is
there a way to map them on the server itself to control what they get to?

Sorry for the ignorance displayed by this question.

David Jensen

 

[Joe Richards [MVP]]

Depends on how you are mapping them now...

if you currently map clients via logon script to

\\servername\sharename

then change that script to be


\\servername\sharename\folder


or set up another share to the specific folder and do

\\servername\newsharename


If you normally map them at the client, you will need to do it that way.


Note the above example with subfolder mapping is W2K or better clients.

joe

 

[Darren Meger]

If you set a policy so that only a group of users with the same security
access have access to specific folders and files, that should clear up the
issue with other users seeing files and folders that they don't have access
to.

 

[Kilroy]

David,

Check out a product called Cloak.
http://www.scriptlogic.com/cloak

Hides files/folders based on NTFS permissions (just like NetWare)
I believe it is just what you're looking for.