How do I Hide the Snapshot Directory?

In OneSystem, after joining the cluster with Active Directory, admins can select access based enumeration (ABE) for a given SMB share. From here, admins can manage the visibility through Windows Shared Folder Settings. Alternatively, admins can add a $ to the share name. However, enabling ABE provides more manageability and users can’t navigate to a share managed through ABE as they can if a $ is used.

OneSystem screenshot

The following can be used hide shares from certain users and groups when a OneXafe cluster is authenticated with Active Directory. This is an alternative to using $ in the share name to hide shares from users. When a $ sign is used, users may still navigate to the share if they know the exact path.

To hide the Snapshot Directory

1. Map a OneXafe share to windows server or Windows client that has Admin User credentials.
2. Go to the Snapshot folder within the share and right click.
3. Click on Properties>Security>Advanced.
4. Add a desire user or group to hide Snapshot folder for (user=qatest5 in this example).
5. 
5. Select “Deny” for Type and “This folders, subfolders and files” for Applies to.
6. Click on “Show advanced permissions”.
7. Select (1) Read attributes (2) Write attributes (3) Write Extended attributes.
8. 
8. Click OK then click Apply.
9. To verify, map a share on a different client with selected user, the Snapshot folder will be hidden for that share.

To create a hidden share

There are two ways to hide a share from users. The first is to add ’$’ to the share name. The second is to use access based enumeration. To hide a share with ’$’, navigate to Shares and Exports on the left-hand navigation of OneSystem.

1. Select the desired cluster or Mesh the new share should be part of.
2. Create a share in the familiar Microsoft Windows context by adding a ‘$’ to the end of the share name.
3. Select the SMB access protocol.
4. Select the desired share access.
5. Select the desired storage policy.
6. Click Save.
7.