i'm a 20 year old student and i'm relatively new to network admin (call me a trainee). i manage a small 10 machine lan for our training facility, the terminals are running win2kpro and the server is win2kserver. I have roaming profiles set up, so no data is saved on the clients, so that all My Documents drives are mapped to folders on the server. I also have it set up so that individuals in special groups have permissions to access other mapped drives.
i have a common area which everyone gets mapped (Shared Folders on 'Server' (S:)) so everyone has access to its content. Within this directory there are sub-directories of which only certain users are privy to. The problem i have is, individuals who aren't allowed access to the folders are able to cut and paste it into their own directory, thus giving themselves ownership of the folder. Though the folder is not removed (and though it's contents is copied to their own directory) they now have ownership and full control over the origional file. In a nutshell, somehow one of our clients is obtaining ownership and full control over a file that he shouldn't even have access to. i know, it sounds far fetched, but i saw it with my own eyes. I created a graphic so you can kind of see what stuff is looking like. You can find it here http://www.opaquevision.com/scrnshot.gif
... any ideas?