Good afternoon all:
Running Windows 2003 AD with NTFS file shares
He have a primary DFS file share called "A"
We have about 25 subfolders underneath that get accidentally moved all the time
Would like to put an end to this (and take a hammer to the people not paying attention when using their mouse)
Steps i've taken:
On each of the 25 sub folders i've turned off "inherit permissions from parent" and assigned individual NTFS permissions to each of the 25 folders typically involving modify access for all required users. I want the users to be able to create, modify folders and documents within the sub folders. I really don't care if they accidentally move stuff in these sub folders.
The "root" share or "A" is set to full control to all domain users.
Currently users are able to move the 25 sub folders into other sub folders in the root:
So if root is A:
and I have sub folder B
and I have sub folder C
Assuming domain users have full access to both B & C - users can move folder B into folder C.
Here's my question - proposed solution.
At the root share (A) - I limit domain users to Read and list folders.
Domain admins have full control.
That should prevent users from accidentally moving the sub folders.
Does this make sense?