In Windows Server 2003 Access Based Enumeration was a separate download you hade to download and install on your server to enable this option. For those of you who do not know ABE let me explain very briefly what ABE does.
Access-based Enumeration (ABE) has been included in Microsoft® Windows Server™ 2003 Service Pack 1 to a) increase folder level security, b) improve administrator productivity by reliably streamlining large directory structures for less-technically savvy users, and c) provide a more seamless migration experience for end-users migrating to Windows servers. ABE filters shared folders visible to a user based on that individual user’s access rights, preventing the display of folders or other shared resources that the user does not have rights to access. ABE can be accessed via graphical user interface (GUI), command-line executable tool, and a robust advanced programming interface (API).
Check out the details for Windows Server 2003 ABE: http://www.microsoft.com/windowsserver2003/techinfo/overview/abe.mspx
The good news is ABE is integrated in Windows Server 2008 and it has an GUI. Let me explain to you how to do it:
- Go to “start –> Programs –> Administrative Tools” and start “Share and Storage Management” MMC
- Provision a new Shared Folder
- Follow the steps until you reach SMB Settings and click Advanced to enable ABE. You can also see if ABE
is enabled or disabled
- Check enable access-based enumeration to activate ABE or uncheck to disable ABE
If you want to change the ABE settings you can open “Share and Storage Management” MMC click your right mouse button and edit the properties for the provisioned share. You need to click Advanced to edit ABE. Until now I didn’t find any command-line tool to do this.