Categories
Welcome Center
Education & Development
Cyber Security
Virtualization
General
Certification Preparation
Project Management
Posts
Groups
Training Resources
Infosec
IT & Security Bootcamps
Practice Exams
Security Awareness Training
About Us
Home
General
Off-Topic
Access based enumeration in Server 2012
Whistlestop
I would be grateful for some help with a file sharing issue I have.
I am running Server 2012 r2 and a couple of Win 7 VMs in Virtualbox in order to get more familiar with a domain server environment. I created a folder entitled "K Drive" on the root of C on my Server. I then created a couple of sub folders called HR, Operations
On the K drive, I implemented Shared access to everyone and then used NTFS permissions on the sub folders so that access is as follows:
HR folder has read/write/modify access by staff in the "HR group"
Operations has read/write/modify access by staff in the "operations group"
When a member of the HR group logs in, they click on "My computer" and see that the K drive has been mapped. Opening up this folder shows the two sub folders HR and Operations. They can only read/write to the HR folder which is great. If they try opening the "Operations" folder an error is generated saying that they do not have access (this is as intended)
Same applies to the Operations group of people who can only access the operations folder.
I would now like to go one step further with my scenario and implement an additional feature which prevents folders which groups or users seeing a folder they do not have access to. I read about "Access Based Enumeration" and I have enabled this for the folders in File and storage services>shares. Logged the users out/in but still they are seeing all the folders in the K drive.
Can anyone help me fix this issue please?
Find more posts tagged with
Comments
There are no comments yet
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
