Members of the Administrators group on our server (Windows 2000 homogenous network.) can change network drive folder permissions (for which they have access) but members of the Domain Users group can only view them (even when they have been explicitly granted FULL access to the folder). I'm not keen on this behaviour as it means a standard-project-folder-creating-batch-file I've written doesn't work properly. Now, I've recently installed the NSA security configuration inf files (with some tweaks) and I think it might have something to do with the problem I'm having:
My guess is that there is a security setting somewhere that restricts the change folder permission to the Administrator group - only I can't find it.
I know I've likely caused this problem - I'm hoping someone might be able to shed some light on how to fix it?
A lot of this will depend upon which config file you downloaded
But I would first look here in the group policy.
I can't say which Group Policy to look at until I know more about the config file.
computer configuration >> windows settings >>security settings >> file system
Hopefully it will be clear which one is causing the problem.
If not post the link to the config file you downloaded from NSA