Hi, I have a Windows 2003 Server which is the file server for the company. It has the following file system structure:

FileSystem_Root

+- FolderA

....+- FolderA1

....+- FolderA2

........+- FolderA2.A1

............+- FolderA2.A1.A1

....+- FolderA3

I want to give the AD group UserGroup123 Modify access to only folder "FolderA2.A1.A1". They are not to see any file names in the tree structure other than in folder "FolderA2.A1.A1".

However, When they access the fileserver via a shared name, they will start in "FolderA" (this is a must) and thus need to traverse thru "FolderA2" & "FolderA2.A1" to get to their destination folder. So far I have been able to limit their access as per my requirements but the users can still see any files in the folders they traverse and I do not want that.

I have the following security setup so far:

Group: UserGroup123

Apply onto: This folder and subfolders

Permissions:

* Traverse Folder/Execute File- Allow
* List Folder/Read Data- Allow

Group: UserGroup123

Apply onto: Subfolders and files only

Permissions:

* List Folder/Read Data- Deny

Can someone let me know which permissions I need to stop the group from seeing file names as they traverse the folder structure?

Hi,

First remove all permissions related to UserGroup123 to avoid conflict.

Then please set Traverse/Execute, List Folder/Read Data - UserGroup123 - This Folder Only on each level of folders.

This will prevent permissions to be applied on files in all these folders.

Note: You will need to check if such permissions are already applied to these files. Remove it on all files if so.

Thanks Shaon, but that basically gives me what I already have- the users is able to traverse the folder structure, moving through the folders I allow the users to move through, but the users can still see all files on the filesystem, although they cannot open the files.

I want to set the permissions so that the users can traverse the respective folders but not see any of the file names as they move through.