Make unauthorized folders invislbe for windows clients
Running a RR-2304 NAS with current firmware I want to hide unathorized folders form Windows users. Currently they are limited to their folder but can see all existing when they connect the NAS IP as windows network folder. Shares are using SMB protocol.
Is that the setting Hide folders in shares / Network / extended?
Re: Make unauthorized folders invislbe for windows clients
You can hide a public share from everyone from the web ui, but you can't selectively hide them.
If you only have one or two of these, you could possibly use the home folder feature. That folder is only visible to the account owner (and the name is the same as the username). This assumes that you don't use (or are willing to give up) this feature.
What you'd do is
Create a "user account" that matches the folder name you want (say "Finances"). Set the password for that share
Set up a credential in the authorized users' PCs that uses this user account to access the NAS. Do that in the Windows Credential Manager. Those users would then always access the NAS using the Finances account, and they would see the Finances folder.
If someone requires access to two of these hidden shares, then you can have them access one using the IP address of the NAS, and the other using the NAS name. That overcomes a basic Windows restriction that you can only use one credential with the NAS at a time. Windows treats the IP address and the hostname as two different machines.
These trick doesn't scale to someone who needs access to three of these shares.
Re: Make unauthorized folders invislbe for windows clients
Thanks, it took me til yesterday to make a user test.
I think my problem is far easier and was solved by setting the shares to hide. Now the users can't see anymore in Windows what they are not authorized for. Acessing a hidden one even so by using IP and hostname is not required here.
I think my problem is far easier and was solved by setting the shares to hide.
Your approach hides the shares for all users (whether authorized or not). I was assuming that you needed authorized users to see them, and unauthorized users to not see them.
Re: Make unauthorized folders invislbe for windows clients
Actually, regular users can’t see unauthorized folders anymore, just the one they got connected as network drive. So my primary problem is solved. In my Windows, as I’m authorized for all folders, I can see some of them, others I don’t, only visible if I connect Them as dedicated network drive. Could not figure out yet what may be different.
Re: Make unauthorized folders invislbe for windows clients
@ThomasNanninga wrote: Actually, regular users can’t see unauthorized folders anymore, just the one they got connected as network drive.
Actually they can. All they need to do is enable viewing of hidden files and folders on their PC. And if they know the share name, they don't even need to do that. Just hiding the share doesn't prevent access - so if it is important to limit access to these files you need to do it properly.
But I think you have done that. In any event, hiding the folder hides them for all users (authorized or not).
Re: Make unauthorized folders invislbe for windows clients
That’s maybe a misunderstanding, access right are set and tested. No-one has access to other than his folders. If users do as you describe ReadyNas will prompt logon screen and respond missing authorization. It’s just about to prevent silly question on other folders.
