Access-based Enumeration

A great new feature in Windows Server 2003 is Access-based Enumeration (ABE).

What ABE does is hide any file or folder that a user does not have access to. So for example the folder where you store all your users home drives, would usually appear jam packed with folders, most of which would return an Access Denied error. However, with ABE installed users would only see the folders they have access to, usually their own.

This is great especially if you are coming from a Novell background where this is the standard behaviour. It is also very useful in a school situation to keep the students from seeing things they shouldn’t.

To use ABE you need to download the management tools from Microsoft ABE Management Tools, then after installation either enable it on all shares or bring up properties and manually add it to shares.

A better description and walk through is available WindowsNetworking: Implementing Access-Based Enumeration in Windows Server 2003 R2

Links in this post:

About James Rudd

Network Administrator at Sydney Boys High School
This entry was posted in Active Directory, Windows and tagged , , , , , , , , , , , . Bookmark the permalink.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.