rfalus
asked on
Folder Security
I am sure that this is a simple question to answer but I am racking my brain. I have a very simple server setup. I have one drive and I have a directory called "A" - below that I have a number of folders and one called users. Inside this folder I have individual user folders - now I want only the user with the specific username to have access to his or her specific file.
How can I go about doing this?
Everytime I have tried this - users still seem to have access to others files? Is there something simple without using logon scripts?
How can I go about doing this?
Everytime I have tried this - users still seem to have access to others files? Is there something simple without using logon scripts?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Please follow these steps to setup the network location.
To make sure that only the user and the domain administrators have permissions to open a particular redirected folder, do the following:
1. Select a central location in your environment where you would like to store Folder Redirection, and then share this folder. In this example, FLDREDIR is used.
2. Set Share Permissions for the Everyone group to Full Control.
3. Use the following settings for NTFS Permissions:
CREATOR OWNER - Full Control (Apply onto: Subfolders and Files Only)
System - Full Control (Apply onto: This Folder, Subfolders and Files)
Domain Admins - Full Control (Apply onto: This Folder, Subfolders and Files)
Everyone - Create Folder/Append Data (Apply onto: This Folder Only)
Everyone - List Folder/Read Data (Apply onto: This Folder Only)
Everyone - Read Attributes (Apply onto: This Folder Only)
Everyone - Traverse Folder/Execute File (Apply onto: This Folder Only)
4. Configure Folder Redirection Policy as outlined in Windows Help. Use a path similar to \\server\FLDREDIR\%usernam e% to create a folder under the shared folder, FLDREDIR.
The information above has been taken from http://support.microsoft.com/kb/274443/
To make sure that only the user and the domain administrators have permissions to open a particular redirected folder, do the following:
1. Select a central location in your environment where you would like to store Folder Redirection, and then share this folder. In this example, FLDREDIR is used.
2. Set Share Permissions for the Everyone group to Full Control.
3. Use the following settings for NTFS Permissions:
CREATOR OWNER - Full Control (Apply onto: Subfolders and Files Only)
System - Full Control (Apply onto: This Folder, Subfolders and Files)
Domain Admins - Full Control (Apply onto: This Folder, Subfolders and Files)
Everyone - Create Folder/Append Data (Apply onto: This Folder Only)
Everyone - List Folder/Read Data (Apply onto: This Folder Only)
Everyone - Read Attributes (Apply onto: This Folder Only)
Everyone - Traverse Folder/Execute File (Apply onto: This Folder Only)
4. Configure Folder Redirection Policy as outlined in Windows Help. Use a path similar to \\server\FLDREDIR\%usernam
The information above has been taken from http://support.microsoft.com/kb/274443/
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Everyone Full-Contol (share permissions)
Domain Users Read(NTFS permissions) (or authenticated users: read)
Don't place checks in the deny boxes, unless you need to do so explicitly.
-rich