We have a domain with a Domain Controller, Terminal Server, and File Server (three different physical machines). On the File Server is a folder named "Payroll". Under "Payroll" there are 4 subfolders named "Payroll Chicago", "Payroll Dallas", "Payroll Miami", & "Payroll Memphis". There is a group named "RESTRICTED" who needs access to the "Payroll" folder and all 4 subfolders and files contained therein. There is a group named "PAYROLL CLERKS" who need access thru the "Payroll" folder and access to ONLY their own city's folder. The 4 subfolders have data dumped into them from 4 different domain users - one user in each city. So, each will need access to the main "Payroll" folder and to their own subfolder, i.e., domain user from Memphis needs access to "Payroll Memphis" but must be denied access to the other 3 subfolders, domain user from Miami needs access to "Payroll Miami" but must be denied access to the other 3 subfolders, and so on. Can this be done by "Security Permissions" on the folders themselves. Please advise.