"ToddAndMargo" <ToddAndMargo@newsgroup> wrote in message
> Hi All,
> I have a WS08-1 TS that several of our customers use.
> Problem: with Windows Explorer (not IE), they can browse
> to the C: drive, click on "users" and see the names of all the
> other users (a list of our customers essentially).
> I need to protect the user's privacy (their names) from everyone
> else. How do I make it so they only see their own name and
> none of the other user's names?
> Many thanks,
Yup.I would rename each folder to something else, such as a customer number,
or other identifier, instead of using the customer name. This way they don't
know who your other customers are by looking at the list.
Then for each folder NTFS security permissions:
Disable Inheritance. Remove All. Then replace with:
Domain Admins = FC
Specific Customer User or Group Name = FC
System = FC
You can also look into ABE:
Windows Server 2003 Access-based Enumeration http://www.microsoft.com/windowsserv...rview/abe.mspx
Enable Access-Based Enumeration on a Namespace http://technet.microsoft.com/en-us/l.../dd759150.aspx
Using Inherited Permissions with Access-Based Enumeration http://technet.microsoft.com/en-us/l.../dd834874.aspx
This posting is provided "AS-IS" with no warranties or guarantees and
confers no rights.
Please reply back to the newsgroup or forum for collaboration benefit among
responding engineers, and to help others benefit from your resolution.
Ace Fekay, MCT, MCTS 2008, MCTS Exchange, MCSE, MCSA 2003 & 2000, MCSA
Microsoft Certified Trainer
For urgent issues, please contact Microsoft PSS directly. Please check http://support.microsoft.com
for regional support phone numbers.