Assigning advanced rights to a large folder tree - Windows 2000 Server
Posted on 2006-04-26
I have a large standardized folder tree that is created for each project at my firm. We use an empty template each time a new project is started. A copy of the empty folder structure is started for each new project.
I would like to better understand how to create advanced read/write rights to accomplish the following tasks:
The root folder will have all rights assigned to Domain Admins (this should be inhertited all the way through the chain) and read only rights to all other users (assume the AD group for this is called "Projects")
Subfolder1 should allow members of the "Projects" group to create files but not folders
Subfolder2 should allow members of the "Projects" group to create folders but not files
Subfolder3 should allow members of the "Projects" group to create folders and files
Subfolder4 should not allow the creation of files or folders. Nothing exists at this level except for other pre-determined folders.
I've played with the advanced security rights, but am still struggling with getting it right. All help will be appreciated.