How to create a proper user share in AD?
Posted on 2008-10-17
I have walked into a mess with configurations of shares and the servers in general. My current problem has to do with the creation of accounts in AD and user security. The goal is to have a share for each user that the user is the only one that has full access. When creating an account. Here is what I have so far.
1. Created a share on the server c:\profile
2. Share name is profile$ (\\phx-server1\profile$)
3. After creating the above share the Shared Permissions are
a. Everyone (read)
b. Domain\Administrator (I added this and gave full control)
4. In AD Users and Computers
a. Created account Test
b. Properties Profile under Home Folder
i. Connect: U: \\phx-server1\profile$\%username% (the folder is created \\phx-server1\profile$\test
5. Logon as test I am mapped with a U drive to the proper location.
a. When I try to create a folder or save a file I get Access denied.
b. Permissions on folder Profile$ is the same as above
c. The folder Test (which is the user) permissions are as follows:
i. Domain\Administrator (Full control)
ii. Creator Owner (Special)
iii. System (special)
iv. Test (Full control)
v. Domain\Users (read & Execute) & (Special Create files /write data and create Folders / Append Data are both checked and grayed out)
I could be wrong but since the user Test is a member of the Domain users group they can only read and execute. I have the liberty of playing with the permissions on this at will since it is a test setup. How do I get this so the users have full control over this folder?