JaysonJackson
asked on
How to create a proper user share in AD?
I have walked into a mess with configurations of shares and the servers in general. My current problem has to do with the creation of accounts in AD and user security. The goal is to have a share for each user that the user is the only one that has full access. When creating an account. Here is what I have so far.
1. Created a share on the server c:\profile
2. Share name is profile$ (\\phx-server1\profile$)
3. After creating the above share the Shared Permissions are
a. Everyone (read)
b. Domain\Administrator (I added this and gave full control)
4. In AD Users and Computers
a. Created account Test
b. Properties Profile under Home Folder
i. Connect: U: \\phx-server1\profile$\%us ername% (the folder is created \\phx-server1\profile$\tes t
5. Logon as test I am mapped with a U drive to the proper location.
a. When I try to create a folder or save a file I get Access denied.
b. Permissions on folder Profile$ is the same as above
c. The folder Test (which is the user) permissions are as follows:
i. Domain\Administrator (Full control)
ii. Creator Owner (Special)
iii. System (special)
iv. Test (Full control)
v. Domain\Users (read & Execute) & (Special Create files /write data and create Folders / Append Data are both checked and grayed out)
I could be wrong but since the user Test is a member of the Domain users group they can only read and execute. I have the liberty of playing with the permissions on this at will since it is a test setup. How do I get this so the users have full control over this folder?
1. Created a share on the server c:\profile
2. Share name is profile$ (\\phx-server1\profile$)
3. After creating the above share the Shared Permissions are
a. Everyone (read)
b. Domain\Administrator (I added this and gave full control)
4. In AD Users and Computers
a. Created account Test
b. Properties Profile under Home Folder
i. Connect: U: \\phx-server1\profile$\%us
5. Logon as test I am mapped with a U drive to the proper location.
a. When I try to create a folder or save a file I get Access denied.
b. Permissions on folder Profile$ is the same as above
c. The folder Test (which is the user) permissions are as follows:
i. Domain\Administrator (Full control)
ii. Creator Owner (Special)
iii. System (special)
iv. Test (Full control)
v. Domain\Users (read & Execute) & (Special Create files /write data and create Folders / Append Data are both checked and grayed out)
I could be wrong but since the user Test is a member of the Domain users group they can only read and execute. I have the liberty of playing with the permissions on this at will since it is a test setup. How do I get this so the users have full control over this folder?
ASKER
Creating 200 folders and changing permissions on each is not something I want to do.
How do I set it up so that the New users folder is created from the user profile with the correct permmison.
How do I set it up so that the New users folder is created from the user profile with the correct permmison.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
this is a test box and only has a single partation. the production server users will only be allowed on a different partiation.
Thanks.
Thanks.
you must to allow NTFS permission for that user(from Users group).
For this you must to click that folder go to share, and then add the users; then select user and click advanced button . And there you have a lot's of stuff for permission.