2-12: Prevent Users from Seeing What They Cannot Access
Solution overview
Type of solution | Guidance |
Features and tools | Access-based Enumeration (ABE) |
Solution summary | The Windows Server 2008 file server role includes ABE, which enables you to hide from users the folders and files that they cannot access in a shared folder. |
Benefits | Decreased help desk calls, and a security-trimmed view of shared folders |
Introduction
On a traditional Windows folder, the List Folder Contents and Read Attributes permissions enable a user to see what the folder contains. The user sees all files and subfolders, whether or not the user can actually open those objects. The ability to open the object itself is managed by the Read or Read & Execute permissions.
When I began providing ...
Get Windows® Administration Resource Kit: Productivity Solutions for IT Professionals now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.