Configuring ABE – Access based Enumeration on Windows 2003

Print Friendly, PDF & Email

Microsoft Windows 2003 brings a new utility called Access based Enumeration that allows you to hide directories that users don't have NTFS permissions to, instead of seeing them as usual, it hides them directly, avoiding user confusion. To be able to use Access-based Enumeration with Windows 2003 we have to download the installer from Microsoft's website.

Abeui

We enter the www.microsoft.com website and download “Windows Server 2003 Access-based Enumeration”. We run it to begin the installation, this must be installed on the servers, not on customers, but on the server that is a file server.

Abeui

Click on “Next” To start the wizard,

Abeui

We accept the license agreement, by clicking on “I Agree” & “Next”,

Abeui

Select where we want to install it, The Installation Path, will hardly take up space, Continue “Next”,

Abeui

If we want this to be enabled by default in all the directories that we have shared on this server, we check the first option “Enable Access-based Enumeration on all existind shared folders” and if we want to do it manually and independently in those that interest us, Mark “I will enable Access-based Enumeration on individual shared folders”, and we continue “Next”,

Abeui

“Next” to begin installation,

Abeui

… wait a few seconds while it installs…

Abeui

“Close”, perfect, has already been installed.

Abeui

Now we have to go to the properties of the folders that we have shared and we will see that we have a new tab in them called “Access-based Enumeration”, We have to check the “Enable access-based enumeration on this shared folder” and accept.

Abeui

This would be the example of a folder that we have shared by entering locally as an administrator, It is an example to see which directories it has. Of course, NTFS permissions are configured in each directory, which can only be entered by the user in each directory.

Abeui

If we log in with a user who has access only to the directory “user1” and “all” Here's what you'll see online,

Abeui

And logically if we log in with a user who only has access to the directory “user2” and “all” Here's what you'll see. It's a way to prevent users from seeing directories that they don't have access to.

www.bujarra.com – Héctor Herrero – Nh*****@bu*****.cOm – v 1.0


Recommended Posts

Post does not have featured image

How to Migrate a Print Server to Windows Server 2008
Read
Installing WINS (Windows Internet Name Service)
Read
Migrating a File Server Between Any Windows Server Version
Read

Post does not have featured image

Using AdRestore to recover Tombstone items
Read

Author

by Héctor Herrero 
nheobug@bujarra.com
Autor del blog Bujarra.com Cualquier necesidad que tengas, Do not hesitate to contact me, I will try to help you whenever I can, Sharing is living ;) . Enjoy documents!!!

Installing Microsoft Windows 2003 + Domain Migration 2000 a 2003 + Promote yourself as a primary domain controller

22 de October de 2008

Using the Security Setup Wizard in Windows 2003

22 de October de 2008