sammy_bull
asked on
Set permission on users home directory.
Hello,
I am trying to set permissions on the users home directory to only allow users to view their own created directory. I have set the permissions as follows
Shared folder called users$ set permissions to domain admins/full and domain users/ read+change
under security I have set the same I click advanced, select domain users and click edit make sure that traverse, list, read permissions are set and make sure that allow inheritable is unchecked, i check the replace permissions entries...
When I select a user and windows explorer and manually type in \\server\users$ i can open all folders the user is a test user and allow belongs to the domain users group.
I need to block access to all users they should have access of their own folders only even if they manually type in the address in windows explorer.
Any ideas?
Thanks
I am trying to set permissions on the users home directory to only allow users to view their own created directory. I have set the permissions as follows
Shared folder called users$ set permissions to domain admins/full and domain users/ read+change
under security I have set the same I click advanced, select domain users and click edit make sure that traverse, list, read permissions are set and make sure that allow inheritable is unchecked, i check the replace permissions entries...
When I select a user and windows explorer and manually type in \\server\users$ i can open all folders the user is a test user and allow belongs to the domain users group.
I need to block access to all users they should have access of their own folders only even if they manually type in the address in windows explorer.
Any ideas?
Thanks
ASKER
Sorry!
I am having difficulty understanding what you suggested. Do I set the permissions on the share tab or on the security tab. I think you mean security tab. Do you also mean I would have to do the joe part on each user folder?
Thanks
I am having difficulty understanding what you suggested. Do I set the permissions on the share tab or on the security tab. I think you mean security tab. Do you also mean I would have to do the joe part on each user folder?
Thanks
ASKER
I am creating an empty folder called users$ on another server. What would i need to set for the permissions. So that way when i log in with a user it is automatically set.
Thanks
Thanks
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
I would suggest you follow oBdA's suggestion above.
Manage permission by Security(NTFS) and leave full control on the Share permission.
If you care what permission user has on his/her own folder, don't even bother to create the folder via the profile tab under the user account properties as that will allow users with full control to their folder that would make your life miserable. So, setting up \\server\users or \\server\users$ will be the root, then user home folder will be under.
Manage permission by Security(NTFS) and leave full control on the Share permission.
If you care what permission user has on his/her own folder, don't even bother to create the folder via the profile tab under the user account properties as that will allow users with full control to their folder that would make your life miserable. So, setting up \\server\users or \\server\users$ will be the root, then user home folder will be under.
Users: Local(!) Administrators:Full, System:Full, Local(!) Users:Read ("This folder only" in Advanced properties);
+-- JDoe: Local Administrators:Full (inherited), System:Full (inherited), JDoe:Full (or Change)