Solved

Shares are Read Only after removing DFS on Windows Server 2008

Posted on 2011-02-15
3
1,098 Views
Last Modified: 2012-05-11
We have 2 shared folders on Server 2008 R2; one is shared to everyone and the other contains the private folders for each department.  We used to use DFS, but we haven't been using DFS for a while; we have been mapping directly to the server.

Last night I was doing some cleanup on the server and I removed the listings in DFS.  Once I did that, everything on the private drive became Read-Only and nothing could be saved or created on that drive.  Obviously DFS was still doing something for us, but I don't know what.  I'd rather not go back to DFS; I'd rather just map the clients directly to the server.

I have checked the share permissions on that folder:
Administrators - Owner
Domain Users - Read
{sys admin account} - Read/Write (that's me)
{another domain admin account} - Read/Write

Access to the folders underneath are controlled by AD security groups.  These groups are setup by department and each department security group is given full control over their department's private drive folder. in Security and Sharing.

Is there something further I need to do to get DFS out of the picture or is there something else I need to do on the Sharing /Security tabs on the folders?

Any help would be greatly appreciated.

Jono
0
Comment
Question by:Jono Martin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 84

Accepted Solution

by:
oBdA earned 500 total points
ID: 34897180
You need to give Domain Users "Read/Write" (or Full) access in the Share permissions; when using both Share and NTFS permissions, the more restrictive ones win.
There's actually not much point in using both NTFS and Share permissions, it's only good for confusion. Usually, you can just give the Everyone (or Authenticated Users) group Full Access in Share permissions and concentrate on the NTFS permissions to control access.
0
 

Author Closing Comment

by:Jono Martin
ID: 34897966
oBdA - you rock!

Thank you for your reply; it worked perfectly.  This is a huge weight off of my shoulders.

I set the share permissions for Domain Users to Read/Write and that did the trick.  I also checked the folders inside to make sure that what I did didn't open up everything to everyone, but it's all good.  People have access to what they should have access to and they are denied other things as needed.

Thanks again!
Jono
0
 

Author Comment

by:Jono Martin
ID: 34901687
oBdA -

Any chance you can help me out with another question I've had open for a while?
http://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/Q_26810092.html

Thanks for any help with this.

Jono
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
In-place Upgrading Dirsync to Azure AD Connect
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
This video shows how to use Hyena, from SystemTools Software, to update 100 user accounts from an external text file. View in 1080p for best video quality.

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question