I'm pretty sure this is not possible (because ntfs acls suck) but I am faced with the following. we have a typical shared user directory structure :
NT4 Domain environment.
(share to Global group) Common
(Full rights acl to Global group1) Marketing
(Full rights acl to Global group2) Finance
(Full rights acl to Global group3) HR
I want to map root a drive to the common share and want the marketing group to have full access only the marketing directory. Sounds simple ,however, the marketing users are able to see the Finance and HR folders as well even though they are not members of the other groups and have only read access to the common.
I have turned off inhereted rights at the common directory and am assigning explicit rights to the groups to the 3 subfolders beneath.
I am going crazy over this and dreaming of the good old days of netware. Please put me out of my misery.