[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 259
  • Last Modified:

Still Having Permission Problems??? Don't Get it.

OK Guys/Gals sorry for the 3rd similar question but myself and the other 3 IT guys here are stumped.

I have had to setup a new server, Win2003, set it up as a Domain Controller, Install active Directory and add some users to my organization.

OK I create a Folder On the C: drive called General, in general I create a folder for my users. Bob.Smith and so on.
When I create general, I leave the permissions as they were by default. But on Bob.Smith I want to make this folder only available to Bob Smith.
I would like Bob to be able to map this folder without creating a share to the folder. To do this I create his folder, go to security, Add Bob smith to the folder, take away inheritable permissions so it doesn't take it's settings from the General folder and click apply. So far so good. My problem is Even though I can see and map the drive, I am denied write access to the secure folder.

My company is grinding to a halt, I need help bad please.......................

1 Solution
The share permission is read only by default, change at "Sharing and Security" on general folder.
Make sure you share the general folder, and give everyone write access.  You have a confict between your sharing permissions and security permissions.  
Echoing the previous responses, permissions need to be set at the share and NTFS levels. For share level permissions, the usual is to set full access for authenticated users. The default Everyone group is not recommended, as unauthenticated users will be able to access the share. For NTFS permission on the General folder, set it to list for authenticated users, full for admins. Then set NTFS permissions accordingly on the users folders.
You don't require share permissions if you arn't sharing the folder.  Set the sharing to DO NOT SHARE.. the permissions button should be greyed out.

On the Security tab, untick AAllow inheritable permissions...

Remove any unnecessary users (if any) - Do not give the EVERYONE group permisisons.

Add the AD user and tick FULL CONTROL

Click the ADVANCED button, click the OWNER tab, tick REPLACE owner with the AD user listed.

Click OK.

Use the Home Directory field in the AD user properties to map to the home dir.
salsipiusAuthor Commented:
After all I have been through, I can't believe I missed that. Thanks a heap, All is good now.


Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now