On one of my servers, I have a "Data" share. "Domain Users" have full access to the share. On the share I have department directories set up. Users are all put into department global group, and each group has full access to the respective department directory. Here's the dilema, and I have searched all over for this one: Each department directory has a "Share". I would like "Domain Users" to have read/write access to each of the department shared, but not see the files or other directories within those departments (with the exception of their own department).
In the following example, I would like the FINANCE global group to have access to \FIN and below, while the Domain Users should have access to the \FIN\SHARED folder, while not seeing any of the files or other folders within \FIN. I would follow this procedure for every department, and then create on \SHARED directory at the root for the entire company to share.
In the Novell world, this was a snap, but I cannot figure this out with Microsoft. How can I accomplish the above without letting everyone see the files within the department directories? I only want them to see the shared directories within other departments. I have looked into "traverse", but that doesn't seem to be it.