In the corporate LAN, a file server is usually built to share some files for LAN users to access. However, in the need of file security considerations, sometimes we need to hide some shared files, especially need to hide some shared files that users do not have access to, thus protecting the shared file security and preventing users and outsiders who are not authorized to access the LAN from accessing the share. The behavior of the file.
So, how do you hide shared folders, how to hide shared documents, and how to hide shared files or shared folders that users don't have access to? The author believes that it can be achieved in two ways:
First, use the Windows Server 2003 Access-based Enumeration plug-in that comes with the operating system to hide shared files and not display shared folders that users do not have access to. .
Windows Server 2003 Access-based Enumeration, this plugin uses the NTFS partition feature to hide folders that users do not have permission to use. Users have no way to see folders that they do not have permission to use. of.
Access-based Enumeration is a feature included in WS03 SP1 that enhances the security of shared files. ABE filters the visibility of shared folders based on user access rights. It prevents folders or other shared resources from being leaked to users who do not have access. By using ABE, IT system administrators can ensure that users can only view folders and files they have access to, and those folders and files that they do not have access to are not displayed in their files and folders list. come out.
1. Users need to download the appropriate ABE engine. Each engine is suitable for different Windows installation files or MSI file types. There are three types available: x86 for 32-bit systems, x64 for 64-bit systems, and ia64 for Itanium systems.
2. After installation, type regsvr32 abeui.dll at the command prompt to register the ABEUI.DLL file.
3. After the installation is completed, there will be an “Access-based enumeration” item in the “Attributes” of the shared folder, and a share named File will be built on the D disk (NTFS partition). Folder This folder contains two subfolders admin and user. The admin folder can only be accessed by specific users (not set to share here, but set the relevant permissions in the security of the file--properties), and the user folder Any user can access (not set to share here, but set the relevant permissions in the security of the file - properties), and set the folder to be fully shared.
4. Right click on the folder admin, then <;properties"——“security&>——advanced——allow“allow parent inheritance permissions to propagate to Object and all child objects. Including those items (A) that are clearly defined here, the previous check is removed, a dialog box pops up, click “Copy”, click “" Apply”.
5. Go back to the Properties dialog and delete ”USERS”user, click “OK”, complete permission settings.
6. Right click on File folder ——“property”——“Enable access-based enumeration or this shared folder”, if you want to apply this setting to the computer all shared Please select “Apply this folder’s setting to all existing shared folders on this computer”.
7. You can access the shared folder from the client, you will find that the admin folder is already invisible.
Please note:
1. The ABE function is invalid for local administrators.
2, ABE changes the access mode of the shared directory, will increase the CPU utilization of the server and will reduce the access speed.
3, only the shared directory attributes will appear in the ABE property page
The next step is to deploy the VBS login script, to automatically map the network disk to AD users, this script will judge whether There is the same network disk, and the network disk will not be repeatedly generated.
ASP/Visual Basic Code Copy content to clipboard On error resume next
At this point, we will bring it through the operating system. The plugin implements hiding shared folders, prohibiting users from reading shared folders that do not have access rights, and not displaying hidden shared folders.
Method 2, with the help of dedicated shared folder management software to prevent the display of shared files, hide shared documents, and do not display documents that users do not have access to.
At present, there is a special software for server shared file management in China, which can prevent users from viewing shared files and prohibit users from reading shared files without access rights, thus enabling shared files with hidden user access rights. Prevent users from viewing the shared files that they do not have access to, and protect the security of shared folders. For example, there is a “popular to shared folder management software” (download address: http://www.grabsun.com/gxwjjm.html), which only needs to be installed and deployed on a computer with shared files. Real-time monitoring of the access status of shared files, you can set the user's access to shared files, you can prohibit users from reading shared files, prohibit access to shared files, and do not display shared files that are not authorized to access. The specific operation is relatively simple: click on “Browse” at the top, then select the shared file to be protected, then select the user name you want to give access to the shared file on the right, and then check the right to give it access to the shared file. By default, the software selects the “Read” permission. If you uncheck the checkmark in front of the “Read” permission, and then click “protect” in the lower right corner, you will not be able to read the shared file. That is, hiding shared files and not displaying shared files. As shown below:
Figure: Cancel & ldquo; Read & rdquo; permissions to hide shared files
In addition, with the help of the general trend to shared folder management software & rdquo;, can also only read the shared file and prohibit copying the shared file, only modify the shared file and prohibit the deletion of the shared file, only open the shared file and prohibit the save as a shared file to the local disk, thus effectively protecting the shared file Security.
In short, whether it is by means of the operating system's hidden shared files, plug-ins and functions for setting shared file access rights, or by means of third-party shared folder management software, LAN shared folder encryption software, can be achieved Hide shared file access, block read shared files without permission access, prevent random access to shared files, etc. Which method is used, enterprises and institutions can choose according to their own needs.
Win7 system computer has noise? What should I do? Our computer audio has a murmur, and we are very u
July 24 news, previously reported that Microsoft has pushed the Win10 first anniversary update previ
Microsoft has said that Windows 10 is a service that can continue to get updates. Windows 10 is no l
How to uninstall win10 built-in application software? Win10 built-in application uninstall tutorial
Win10 Mobile Preview 10536 is no longer pushed as fast as early next week
Microsoft ACPI-Compliant Embedded Controller driver installation method
How to close IE11 browser win10? win10 close IE11 browser tutorial
Win10 free upgrade failure problems frequently Win10 is worth upgrading?
Win8.1 subscription upgrade Win10 failed solution
Delete the extra input method in Win7 system
How to open qq chat in win10 task bar?
Win10 Mobile build 10158 latest update summary: more smooth
How can I find the win7 online neighbor? Where is it?
How does Win7 quickly add the current time in Notepad without having to manually enter or copy
Practical commands and operating skills in Windows XP
Method for registering 32-bit COM components in a 64-bit operating system on a computer
Win10 Spartan browser will enjoy the new rendering engine
How to prevent bear children from playing their own notebooks?
How to speed up the Win10 system page loading?
Which methods can quickly open Win10 control panel
What should I do if the windows system computer font suddenly becomes thinner?
Windows XP configuration PPPOE dial-up broadband connection graphic routine
Win10 system boot prompt "Your hardware settings have been changed" how to solve
Detailed introduction of the TrustedInstaller.exe process under win8 system