Jump to content
Division-M Community
edo

Restricting pool access to authorized users

Recommended Posts

hello folks,  I am new to DB so please be patient with me. I have some permissions issue that I can't resolve.   Here is my setup:

  • I am running a windows 10 PC which doubles as (1) the home theater computer and (2) as a backup server for all family / work files.
  • The pool consists of two 6T drives running from an external enclosure connected via a USB 3.1 port. No RAID configs. The pool is mapped to the letter P: (I know, I am not being too original here...) 
  • The PC has two accounts:
  1. The HTPC account is limited used by everyone in the family to watch movies, etc. It  is logged in automatically at startup, requires no password and has a disabled UAC.  The media files are stored under P:/MEDIA
  2. The Admin account used to configure the backup program which runs a service in the background. The backup files are stored under P:/BACKUP

The idea is to make the HTCP account only see the MEDIA files and not the BACKUP files.

Now, here is what I did:  when logged from the admin account I navigated to  P:/BACKUP folder and used properties/sharing/advanced sharing to set the permissions allowing read and write access to  the admin user only.  In contrast I allowed the HTPC user to access P:/MEDIA files.

I then logged into the HTCP account and mapped the MEDIA folder to letter M:/  so all my media files became accessible from M:/MEDIA  so far so good - this is what I thought.... But here is the problem:  the entire pooled drive P:/ remains visible from the HTCP account including full access to the BACKUP files. I am unable to remove the mount point P because it then also removes the mount point M.  The sharing on the P drive doesn't seem to work at all.

What I am missing and how to restrict the HTCP account from seeing the BACKUP files?

Thanks and sorry for somewhat detailed posting

Ed

 

 

Share this post


Link to post
Share on other sites

Welcome edo.

To be honest, I'm not sure what the answer is, as I only have single accounts on the servers where I run DriveBender.

Have you checked the permissions within DriveBender?

It may be possible to create a separate folder mountpoint and grant access to this mountpoint only to your HTPC user.

Have you read through the FAQs for DriveBender - https://support.division-m.com/hc/en-us/categories/201693583-Knowledge-Base-Drive-Bender

If none of that is possible, and in lieu of any other answers, you could raise a Support Ticket (https://support.division-m.com) and get the devs involved.

Let us know how you get on.

Share this post


Link to post
Share on other sites

thanks for the info- yes I have reviewed the FAQ. Also I have created the separate mount point M:/ for the MEDIA folder, however the point P:/ remains accessible from the HTPC account.  I will contact the devs.

Share this post


Link to post
Share on other sites

I have received the following  response from Anthony. Alas.:(   

 

 

Hiding a drive letter based on the logged-in user is not possible, as the drive letters are mapped at the system level (and are not "user aware"). The only solution I can think of is to flag the backup folder as hidden... but then its not visible to anyone, but still accessible if you know its there.

Thanks,
Anthony Smith - Division-M

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...