Using Windows Server 2003 in a multi-user environment (via Remote Desktop, using it as an application server), how can I mount a (preferably encrypted) volume in a way that won’t show up on any other user’s desktop?
Tried and failed approaches:
- Tweaking user rights: the display of a mounted volume cannot be changed.
- BestCrypt / TrueCrypt: both of them display the volume for a local administrator.
You’re going to be hard-pressed to find a solution for your exact problem. Drive mount points aren’t stored on the user level (afaik). There are a couple of workarounds that you can use that aren’t guaranteed to be secure:
Is there any particular reason it has to be an entire drive? If you’re trying to avoid allowing the local admin to have rights to a local drive, you’re pretty much out of luck unless you use a third-party-probably-going-to-fail-horribly solution. You can jury-rig something with Group Policy to disallow local admin access, but it’s going to be hard and error-prone.
If your desired goal is to have separate folders (or volumes) that other users cannot access, store the files on a remote server. That way local administrators on the application server cannot arbitrarily access other people’s folders (unless they have Domain Admin or Enterprise Admin rights). You can set up a single big network drive and have different user folders on it, each encrypted using NTFS/other solution and each with read/write rights only for that single user.