wgchangprosetta
asked on
Folder/Share permissions - give user access to only one folder inside a share?
As an example, I have a folder setup like this:
.Share
..Subfolder A
..Subfolder B
I have a user who should have read/write access to subfolder A, but not subfolder B. This user should also NOT have read/write access for anything inside of Share. However, everyone else should have read/write access to Share, Subfolder A, and Subfolder B.
Is there anyway to set this up as described? I have access-based enumeration set up, but because they need read/write permissions for the share and the folder, that doesn't seem to matter.
.Share
..Subfolder A
..Subfolder B
I have a user who should have read/write access to subfolder A, but not subfolder B. This user should also NOT have read/write access for anything inside of Share. However, everyone else should have read/write access to Share, Subfolder A, and Subfolder B.
Is there anyway to set this up as described? I have access-based enumeration set up, but because they need read/write permissions for the share and the folder, that doesn't seem to matter.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Looks like we are set .... did you also check if this user is able to browse thru SubfolderB..
he shoud not.. since B inherits from the root folders.. but just in case..
otherwise.. we are good to go
he shoud not.. since B inherits from the root folders.. but just in case..
otherwise.. we are good to go
ASKER
Good call, let me check.
Nope, they can't get into any other subfolder, and I have access-based enumeration enabled so they don't even see the other folders.
Thanks for your help!
Nope, they can't get into any other subfolder, and I have access-based enumeration enabled so they don't even see the other folders.
Thanks for your help!
1. Deny this user from the Share
2. Create a new share on Folder B and Grant the user "Change" permissions on that share.
The user will not be able to access the main share, but will be able to access the new share on Folder B. I'd consider creating and using a Security Group if you think you will have more users that need to be restricted like this.