I want to create a shared folder, giving 'Everyone' full control of the share, but defining my access policy using NTFS secuirty.
I have two groups in my domain, I want one group to be able to read, write, create new files, rename, delete etc... and the other group to be read only.
The groups already exist.
*I do not want anyone (except Domain Admins) to be able to change the permission of files are folders within this share*.
I notice that if someone modifies a shared file, they become the owner, and then can remove permissions and stop others accessing the file.
Can anyone tell me what permission I need and how I should apply them.