Q: Have you guys heard of Access-based Enumeration for Windows Server 2003 SP1?
For those of you that remember the Novell world, whenever you hit a share that contained user directories, in Netware, everyone’s directory would be hidden except yours. In the NT world, you’d see everyone’s directories but you wouldn’t have access to them. This was a visual eyesore and would also cause help desk calls because users would try to get into these other directories, not realizing that they had no business trying to get into them. For over a decade, since Windows NT 3.5, we never fixed the problem.
Finally here in 2006/2007 we quietly released a server side tool for Windows Server 2003 SP1 that does this called ABE or Access-based Enumeration. The idea is that the server will only show the directories that the user has access to eliminating ambiguity and confusion – making it easier for the end user to navigate server shares. It installs a new tab on folders that allows the administrator to optionally hide folders from users they don’t have access to and it can be made recursive throughout other folders in the hierarchy. This is disabled by default but can be turned on using a 3rd party group policy.
DOWNLOAD:
http://go.microsoft.com/fwlink/?LinkId=69209
MORE ON ACCESS-BASED ENUMERATION:
http://www.microsoft.com/technet/technetmag/issues/2006/09/UtilitySpotlight/default.aspx
kurtsh
Kurt Shintaku's Blog 