Folder Share Permissions

[arun]

Archived from groups: microsoft.public.win2000.security (More info?)

Hi
We have a shared folder on Windows 2000 server which our clients access to
read some files from there. Client Application map the shared folder using a
fixed credential of the user on the server. The share is always set with the
appropriate permissions with the user on the server to be able to read the
files from the share.

My question is, is it possible to set the share permissions in such a way
that clients can not see the folder list but can read the files if they know
the file name. I tried setting "No Folder List" permission to the server user
but that takes away the read permission also and the client can not read any
file from that folder.

Thanks for your help
-Arun

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

Arun wrote:
> Hi
> We have a shared folder on Windows 2000 server which our clients
> access to read some files from there. Client Application map the
> shared folder using a fixed credential of the user on the server. The
> share is always set with the appropriate permissions with the user on
> the server to be able to read the files from the share.
>
> My question is, is it possible to set the share permissions in such a
> way that clients can not see the folder list

If you mean, set it up so that they can't even see any folders they don't
have access to, no. Netware does this; Windows doesn't. You can use a hidden
share at the parent folder (share$) so they can't browse to shares, but if I
understand what you're asking for, the answer is no. If you have your
security set up right with NTFS permissions, it really doesn't matter if
they can see things....

> but can read the files
> if they know the file name. I tried setting "No Folder List"
> permission to the server user but that takes away the read permission
> also and the client can not read any file from that folder.
>
> Thanks for your help
> -Arun

 

[Guest]

Archived from groups: microsoft.public.win2000.security (More info?)

I have not been able to get that to work in a quick test but in theory if
the users had the "traverse folder" permission for the folder only in the
apply onto box or they simply have permissions to files only [since users
should have bypass traverse checking user right by default] , they could
still be able to access files. You might want to try that and maybe you will
have better luck. When you configure special permissions the user or groups
can have more than one special permission such as one for folder only and
another for files only. -- Steve

http://www.microsoft.com/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/standard/proddocs/en-us/acl_special_permissions.asp
-- explanation of special permissions and traverse folder permission.

"Arun" <Arun@discussions.microsoft.com> wrote in message
news:1AC877CE-2628-4260-8628-D434DFA03974@microsoft.com...
> Hi
> We have a shared folder on Windows 2000 server which our clients access to
> read some files from there. Client Application map the shared folder using
> a
> fixed credential of the user on the server. The share is always set with
> the
> appropriate permissions with the user on the server to be able to read the
> files from the share.
>
> My question is, is it possible to set the share permissions in such a way
> that clients can not see the folder list but can read the files if they
> know
> the file name. I tried setting "No Folder List" permission to the server
> user
> but that takes away the read permission also and the client can not read
> any
> file from that folder.
>
> Thanks for your help
> -Arun
>
>