Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Offline Folders and Permissions on a Windows 2000 Server

Posted on 2005-05-16
Medium Priority
Last Modified: 2010-04-14
Please help me understand this ...

I have a Windows 2000 server with a share to the C:\users folder
Permissions:  Network Share has Everyone Full Control
                    NTFS gives Domain Admins, System Full Control, but nothing else.

Under this I have the Users Folders C:\users\user1.  
Permissions:  Network Share - Everyone Full Control
                    NTFS share of Domain Admins, System and User1 - Full Control.

I even have one additional folder under the Users folder called My Documents to actually use for the offline folder redirection
C:\users\user1\my Documents
Permissions:  Network Share - Everyone Full Control
                    NTFS - Domain Admins, System, User1 - Full Control.

Now, from the User1 Windows 2000 Professional Desktop, I try to setup offline folders.  I get an "Access Denied" as I try to sync.  However, if the C:\users share has NTFS permissions of at least Read (maybe list, haven't tried that yet), synchronization works.  

Now, if I put the NTFS permission of even list for authenticated users on the C:\users share, then I am going to have to go to each individual folder and take that off because I don't want everyone having access to see what is in other users folders.  


Thank you in advance for your assistance,

Question by:healthcheckinc
LVL 18

Accepted Solution

luv2smile earned 400 total points
ID: 14011672
"Now, if I put the NTFS permission of even list for authenticated users on the C:\users share, then I am going to have to go to each individual folder and take that off"

No you won't. Just apply the permission to the shared folder only. Security tab- advanced button- add "authenticated users" and click ok and then where you set the advanced permissions...at the top under name, you should see a box that says "apply onto". Change it to "this folder only"

Then the shared folder will have authenticated users with the appropriate access level, but this won't change anything on any sub folder or file.

You could of course also turn off inheritence for all your subfolders so that they don't inherit permissions from their parent folder. But in this situatiion, just changing the "apply unto" is going to be the simplest and easiest.

Author Comment

ID: 14017804
Thank you so much, you are a genius!!!  I am so glad that you knew about that, it has saved me so much grief and work!!!  Thank you!!!

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
I’m willing to make a bet that your organization stores sensitive data in your Windows File Servers; files and folders that you really don’t want making it into the wrong hands.
Loops Section Overview
As many of you are aware about Scanpst.exe utility which is owned by Microsoft itself to repair inaccessible or damaged PST files, but the question is do you really think Scanpst.exe is capable to repair all sorts of PST related corruption issues?
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question