In the scenario below, we have all Server 2003 Standard servers in an Active Directory domain environment. All users run XP Pro with at least SP2.
Each branch at our organization has a Server 2003 Standard Edition server that the users store their 'My Documents' on. Each users' home directory is mapped to a drive letter (in our example, we'll use H:\), and that drive letter is the location that the 'My Documents' folder points to. The laptop users have 'Offline Files' enabled, and the files sync when the user logs on and off the computer. According to Microsoft KB275461 (http://support.microsoft.com/kb/275461
), the best solution is to provide all users with at least READ access to the root directory of the users' shared folder (ie \\SERVER\USERS\). However, if we do this, that means Joe Smith (a user with very little rights on the network) can read all the files located in Jane Doe's user directory (\\SERVER\USERS\JDOE\). What is the best practices to use in order for each user to have a home directory located on \\SERVER\USERS\ that will allow laptop users to successfully sync their files as well as not let any other users access another user's files.
I hope I've explained myself well, and I apologize if I did not.
To summarize, we have a shared directory on the server called \\SERVER\USERS. Each user has his/her own directory under that root directory. Currently, we are experiencing issues with laptop users that are getting "Access Denied" error (as seen in Microsoft KB275461) and we need a solution without giving all users the access to read another user's files.