In my opinion, letting users view hidden files is an invitation delete what they want. Not good. Better make sure they have only User rights and nothing more powerful. I would find out what they are hiding and then block those file types using the 2003/8 File Server Resource Manager. That way they can't write the files at all. Also you can have an alert sent to their manager and whom ever else you want, including them, to let them know that your on to their antics. I love f__king with DEUs when I can do it without getting in trouble myself. Their the enemy and they are everywhere. :)
Regards, Dave -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Thursday, May 22, 2008 2:50 PM To: NT System Admin Issues Subject: Re: preventing users from hiding files ... going with this option. I created a ADM file for GP that will make all hidden files/folders viewable. Now there shouldn't be any point in hiding files since everyone will be able to see them anyways. Good idea. JR Original Message: ----------------- From: Eric Woodford [EMAIL PROTECTED] Date: Thu, 22 May 2008 11:24:07 -0700 To: ntsysadmin@lyris.sunbelt-software.com Subject: Re: preventing users from hiding files How about turning on the permission that says "show hidden files" for everyone?.. That way its pointless to do so. On 5/22/08, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > Is there an easy way (group policy perhaps?) to prevent people from > hiding files? I beleive it can be done from NTFS permissions and > setting a folder > so that the Write Attributes permission is denied, but this seems a > bit time consuming to setup on every single folder I want this done for... > > We have 1500+ user accounts that have home directories we do NOT want > them to be able to hide anything in those home directories. There's > also some network shares we don't want these users to be able to hide > files/folders inside them as well. I'm hoping or a GPO alternative to > settings the NTFS perms all all these folders/drives/files, etc. > > I'm going to see if maybe disabling the context windows (the menu that > appears from right clicking on a file or folder) does the trick -- the > users do not have access to CMD.exe so they cannot use the .exe > command on a file/folder. > > Thanks. > JR > > > -------------------------------------------------------------------- > myhosting.com - Premium Microsoft(R) Windows(R) and Linux web and application > hosting - http://link.myhosting.com/myhosting > > > > ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ > ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ > -- Sent from Gmail for mobile | mobile.google.com ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ -------------------------------------------------------------------- mail2web.com - Microsoft(r) Exchange solutions from a leading provider - http://link.mail2web.com/Business/Exchange ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~ ~ Upgrade to Next Generation Antispam/Antivirus with Ninja! ~ ~ <http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm> ~