Solved

Shares are Read Only after removing DFS on Windows Server 2008

Posted on 2011-02-15
3
1,093 Views
Last Modified: 2012-05-11
We have 2 shared folders on Server 2008 R2; one is shared to everyone and the other contains the private folders for each department.  We used to use DFS, but we haven't been using DFS for a while; we have been mapping directly to the server.

Last night I was doing some cleanup on the server and I removed the listings in DFS.  Once I did that, everything on the private drive became Read-Only and nothing could be saved or created on that drive.  Obviously DFS was still doing something for us, but I don't know what.  I'd rather not go back to DFS; I'd rather just map the clients directly to the server.

I have checked the share permissions on that folder:
Administrators - Owner
Domain Users - Read
{sys admin account} - Read/Write (that's me)
{another domain admin account} - Read/Write

Access to the folders underneath are controlled by AD security groups.  These groups are setup by department and each department security group is given full control over their department's private drive folder. in Security and Sharing.

Is there something further I need to do to get DFS out of the picture or is there something else I need to do on the Sharing /Security tabs on the folders?

Any help would be greatly appreciated.

Jono
0
Comment
Question by:Jono Martin
  • 2
3 Comments
 
LVL 83

Accepted Solution

by:
oBdA earned 500 total points
ID: 34897180
You need to give Domain Users "Read/Write" (or Full) access in the Share permissions; when using both Share and NTFS permissions, the more restrictive ones win.
There's actually not much point in using both NTFS and Share permissions, it's only good for confusion. Usually, you can just give the Everyone (or Authenticated Users) group Full Access in Share permissions and concentrate on the NTFS permissions to control access.
0
 

Author Closing Comment

by:Jono Martin
ID: 34897966
oBdA - you rock!

Thank you for your reply; it worked perfectly.  This is a huge weight off of my shoulders.

I set the share permissions for Domain Users to Read/Write and that did the trick.  I also checked the folders inside to make sure that what I did didn't open up everything to everyone, but it's all good.  People have access to what they should have access to and they are denied other things as needed.

Thanks again!
Jono
0
 

Author Comment

by:Jono Martin
ID: 34901687
oBdA -

Any chance you can help me out with another question I've had open for a while?
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_26810092.html

Thanks for any help with this.

Jono
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article shows how to deploy dynamic backgrounds to computers depending on the aspect ratio of display
This article runs through the process of deploying a single EXE application selectively to a group of user.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question