Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

[b]Hiding Folders in 3.12[/b]

Status
Not open for further replies.
Jimdeb03

Jimdeb03

IS-IT--Management
Joined
Dec 10, 2002
Messages
89
Location
US
We're running Netware 3.12 where current Users have Everyone and Supervisor privileges. All Users can see all folders. Fine.
Now, we want to hide a folder from everyone else so I've created a new Group with a Directory Assignment just to this new folder. I've created a new User that belongs only to this new Group. Login with this new User and indeed they see only the hidden folder, along with \Mail and a folder in their own name.

So good so far, but all the current Users can also see this new folder which needs to be hidden from them. If I take away Supervisor privileges from the current Users, then they no longer can see all the folders as before which is not what we want either.

All I want to do is hide a single folder from our current Users and grant access to only one new User but am running into a quagmire.

If I take away Supervisor rights to the Current Users, which denys them access to the hidden folder, what then is the best approach so the Current Users can see ALL folders but the one I want to hide?

I suppose I could assign each folder (that Current Users need to access) via Directory Assignment to another Group and assign my current users to this Group, but what if someone adds a folder?

What am I missing?

Thanks
Jim
 
Sort by date Sort by votes
Jim, you should not be providing the Everyone group Supervisor privileges in any way since this is an extremely dangerous security hole you have created for yourself. If you want users to access all files/folder you should create a separate group(s) and put your users in that one, and assign access to the folders that they need to see. In this way, you will be able to create subsequent folders and only allow access as needed. This current setup of yours is just asking for trouble.
 
Upvote 0 Downvote
I concur with itsp1965.

To address your current problem, please recall that in Novell, rights flow down the directory tree and if a person belongs to many groups, the rights are the UNION of all the group rights. (Except access control I think). So you got to explicitly block out others since you have give supervisory rights to all.

So what you gotta do are:
Take itsp1965's suggestion.
Navigate to the required directory in FILER or and explicitly create entries to delete all rights for others.

End


 
Upvote 0 Downvote
I inherited this Novell network with the position so this is all new to me. Before making the changes, everyone accessing the network was using the same login anyway so they weren't too concerned about security.

Things change and I did implement itsp1965's suggestions which were successful to a point. I created a new Group with Directory Assignment to an exclusive folder. Any User wanting access to this folder belongs to this Group. I created another Group granting access to the remainder of the folders and assigned Users accordingly.

All that works fine, but printing is out of whack. There is a Print Server on the network which earlier assigned Supervisor as Operator. Well not all Users belong to the Supervisor Group anymore so some Users could no longer print.

What's the difference between a User and Operator for a Print Server anyway?

Here's what transpired to enable printing to some Users but not all, which is puzzling.
The new Group PROFFILE, exclusively assigned to the Pro_File folder, was added as a Print Server Operator. I noticed a group needed Directory Assignments of SYSTEM and PUBLIC to print so they were added as well.
I also went ahead and added Group PROFFILE as a User under Print Server AND Print Queue Info.

Is adding Operators and/or Users to the Print Queue necessary? How do you tell, experiment? We have no reason to restrict printing.

Well printing is improved; I have Users that have exclusive access to folders and that can print to the print server as expected.

The big question is why the printing ability isn't broad based with all Users belonging to identical Groups and with identical Security Equivalents.

Is adding Users/Operators necessary to the Print Server or Print Server Queue? I'm under the assumption if I assign certain rights or privileges to a Group, then everyone a member of that group would work the same, but doesn't.

I do have some Users belonging to multiple Groups, could this be causing the problem?

Maybe someone could explain 'if a person belongs to many groups, the rights are the UNION of all the group rights.'

For some reason upon logging on, Novell creates three identical mappings. Why three I do not know. Anyway, when logging on as Supervisor, I notice that these mappings are NOT identical where one is missing the restricted folder via the PROFFILE Group. The trouble is User Supervisor belongs to all Groups.

Anyway, thanks for the help
Jim



 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

VicM
  • Locked
  • Question Question
Win7 backup on Win11 Pro box not completing as it had in the past
Replies
2
Views
988
VicM
VicM
vgulielmus
  • Locked
  • Question Question
Windows 10 Pro - cannot use the start button
Replies
5
Views
1K
DrB0b
DrB0b
J
  • Locked
  • Question Question
laptop battery issue
Replies
3
Views
1K
laptopfixingnearme
L
joemamps
  • Locked
  • Question Question
Netware 5 slow btrieve transaction after nw50sp6a update.
Replies
1
Views
527
Provogeek
Provogeek
bazil2
  • Locked
  • Question Question
Contents of folders with names containing German umlauts (üöäÜÖÄ), can't be seen in Windows.
Replies
0
Views
258
bazil2
bazil2

Part and Inventory Search

Sponsor

Back
Top