How to hide folders from other user accounts?

simorio69 said:

Barman58 said:

This can be achieved by the use of permissions but will take a little work - I would also add that the default permissions of an administrator level account (even in win7 with UAC on), does not adapt well to this.

I would recommend that you set this up in standard user accounts and keep at least one admin account to control things.

create your Standard level accounts

log in as admin account and in the properties - security tab on the folders you wish to be private remove all users except the user who needs access and the administrators, (also leave any other system related users for safety).

You will need to remove catch-all groups such as everyone and Homeusers$ and specifically add the allowed user.

Rights may be assigned as required such as read, write, modify, etc. but I would advise you leave the ownership as is or manually set to administrators group.

once set-up any user that does not have specific rights assigned will not be able to access a folder.

This is the way that access is controlled on major network systems so it is a proven system, although with major systems it is normal to assign users to groups and then assign the rights to a group

As I said it will take a little work and thought but it can provide total control of a shared system

I tried somethung with security, its quite complicated.. tnx i will try

I was trying to investigate all this few hours.I dont understand what the differences between system, administrator, users, authenticated users ? can I delete all except system?

Barman58 said:

Any folder with system or administrators in the permissions will need to retain these the "authenticated users" is a catch all for remote access users and "users" are local users you will need to remove the "users" and "Authenticated users" as these will contain all user id's that exist on the system by default.



for example the everyone group on the screenshot attached would include all users and all authenticated users so to control the access this group would need to be removed. once this is done only the users you see with specific access would be able to see the file or folder

you have to be careful only to make these changes in data folders as if there is system content, (program files or DLLs (especially system files), then the results are likely to be unpredictable at best

Thanks for help :)

Barman58 said:

This can be achieved by the use of permissions but will take a little work - I would also add that the default permissions of an administrator level account (even in win7 with UAC on), does not adapt well to this.

I would recommend that you set this up in standard user accounts and keep at least one admin account to control things.

create your Standard level accounts

log in as admin account and in the properties - security tab on the folders you wish to be private remove all users except the user who needs access and the administrators, (also leave any other system related users for safety).

You will need to remove catch-all groups such as everyone and Homeusers$ and specifically add the allowed user.

Rights may be assigned as required such as read, write, modify, etc. but I would advise you leave the ownership as is or manually set to administrators group.

once set-up any user that does not have specific rights assigned will not be able to access a folder.

This is the way that access is controlled on major network systems so it is a proven system, although with major systems it is normal to assign users to groups and then assign the rights to a group

As I said it will take a little work and thought but it can provide total control of a shared system

There's no Thanks button on this forum, (May I suggest you to arrange one?)
I was looking after this high and low. your post really helped, Thanks!
Its very complicated, but works after practice.

bhvm said:

There's no Thanks button on this forum, (May I suggest you to arrange one?)

There is a rep button - the silver scales, top right of a post.