IN THE OS I can't find any way (GUI or tool) to enable/disable it. I searched the internet and ended up in some blogs. You'll have to download the util separately. This is what I have found so far:
####### (http://blogs.technet.com/windowsserver/archive/2005/03/24/401840.aspx)
SP1 and x64 address these concerns by making inacessible files and folders invisible to users through a neat little feature called Access-Based Enumeration (ABE). ABE in SP1/x64 can be used with the command-line (abetool.exe) and through a fairly robust API (NetShareSetInfo). FYI - There is a GUI on the way.
Command Line Sytax: abetool [ShareName] [1=on/0=off] [ServerName]
Command Line Example: abetool "Personal Folders" 1 FileSrvr1
There is a whitepaper on ABE that should hit the streets fairly soon
#######
I also found the following (funny that a MS tool to enable a certain functionality in the OS is unsupported):
####### (http://blogs.technet.com/jhoward/archive/2005/02/22/378033.aspx)
Access Based Directory Enumeration - markshareforABDE.exe utility download (http://itpro.members.winisp.net/download/markshareforabde.exe)
Following the myriad of emails I received, here's a link to markshareforABDE.exe as used in my blogcast about Access Based Directory Enumeration a few days ago. Many thanks to DuWayne Harrison at Microsoft in the US, the author of this tool for giving his permission to make this available. Please be aware that there is absolutely no support from PSS and all standard disclaimers apply as per resource kit tools. In other words, any use you make of this utility is entirely at your own risk.
Usage is straightforward: markshareforABDE <sharename> 0|1 [servername] where 0=off and 1=on
#######
I still prefer to use the JOEWARE tool as it provides the possibilities configure OTHER share flags where the above mentioned tool can't do
Jorge
-----Original Message-----
From: joe [mailto:[EMAIL PROTECTED]]
Sent: maandag 4 april 2005 3:17
To: 'Jorge de Almeida Pinto'; [email protected]
Subject: RE: [ActiveDir] Access Based Enumeration in W2K3 SP1
It should be available with the OS.
I am glad they finally did this. I could have used it 10 years ago when moving a company from OS/2 servers to NT4 Servers.
-----Original Message-----
From: Jorge de Almeida Pinto [mailto:[EMAIL PROTECTED]]
Sent: Sunday, April 03, 2005 5:15 PM
To: 'joe '; '[EMAIL PROTECTED] '; '[email protected] '
Subject: RE: [ActiveDir] Access Based Enumeration in W2K3 SP1
Joe,
what do you mean with "That tool shouldn't even be necessary"?
Jorge
-----Original Message-----
From: [EMAIL PROTECTED]
To: [email protected]
Sent: 4/3/2005 10:29 PM
Subject: RE: [ActiveDir] Access Based Enumeration in W2K3 SP1
LOL. That tool shouldn't even be necessary. But in the meanwhile, it is available for use. Enjoy!
joe
_____
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Jorge de Almeida Pinto
Sent: Friday, April 01, 2005 6:11 AM
To: [email protected]
Subject: [ActiveDir] Access Based Enumeration in W2K3 SP1
Hi,
I installed it today on a VM guest (DC) and it installed OK.
However, configuring the ABE feature is not possible through the GUI. I wonder why they don't provide some checkbox to configure this as I think this is one of the features people have been waiting for!
However you can use the SHAREFLGS tool from JOEWARE to configure ABE
Joe: like the other tools, the SHAREFLGS tool will be famous for its possibilities! ;-))
Cheers
Jorge
This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
This e-mail and any attachment is for authorised use by the intended
recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you.
