Link to home
Start Free TrialLog in
Avatar of salsipius
salsipius

asked on

Still Having Permission Problems??? Don't Get it.


OK Guys/Gals sorry for the 3rd similar question but myself and the other 3 IT guys here are stumped.

I have had to setup a new server, Win2003, set it up as a Domain Controller, Install active Directory and add some users to my organization.

OK I create a Folder On the C: drive called General, in general I create a folder for my users. Bob.Smith and so on.
When I create general, I leave the permissions as they were by default. But on Bob.Smith I want to make this folder only available to Bob Smith.
I would like Bob to be able to map this folder without creating a share to the folder. To do this I create his folder, go to security, Add Bob smith to the folder, take away inheritable permissions so it doesn't take it's settings from the General folder and click apply. So far so good. My problem is Even though I can see and map the drive, I am denied write access to the secure folder.

My company is grinding to a halt, I need help bad please.......................

Avatar of dotENG
dotENG

The share permission is read only by default, change at "Sharing and Security" on general folder.
ASKER CERTIFIED SOLUTION
Avatar of thur6165
thur6165

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Echoing the previous responses, permissions need to be set at the share and NTFS levels. For share level permissions, the usual is to set full access for authenticated users. The default Everyone group is not recommended, as unauthenticated users will be able to access the share. For NTFS permission on the General folder, set it to list for authenticated users, full for admins. Then set NTFS permissions accordingly on the users folders.
You don't require share permissions if you arn't sharing the folder.  Set the sharing to DO NOT SHARE.. the permissions button should be greyed out.

On the Security tab, untick AAllow inheritable permissions...

Remove any unnecessary users (if any) - Do not give the EVERYONE group permisisons.

Add the AD user and tick FULL CONTROL

Click the ADVANCED button, click the OWNER tab, tick REPLACE owner with the AD user listed.

Click OK.

Use the Home Directory field in the AD user properties to map to the home dir.
Avatar of salsipius

ASKER

After all I have been through, I can't believe I missed that. Thanks a heap, All is good now.

J