Folder security rights....

I just started this new job as IT Manager and I noticed that everyone in the company can see all the folders with full access rights to everything.  I want to give just certain individuals rights to some folders but forgot how this is done.  Everyone and domain users currently have full rights that were inherited from the parent.  Any help would be appreciated.  If you know of any documentation that would walk me thru this that would be great.

Thanks....

lalexander53Asked:
Who is Participating?

[Webinar] Streamline your web hosting managementRegister Today

x
 
KCarney81Connect With a Mentor Commented:
1) Create groups in "Active Directory User and Computers"
2) Add users to those groups
3) Specify those groups in security tab of folders and give rights as you see fit
4) Remove domain users
0
 
Darren SharplesSystems SpecialistCommented:
You could create another group called "admin rights" or similar and just give them access to the folders
0
 
Krzysztof PytkoActive Directory EngineerCommented:
I would suggest deploying DFS and enable ABE (Access Based Enumeration), but of course it will require folders' permission restructure by setting appropriate rights.

How to implement DFS
http://technet.microsoft.com/en-us/library/cc732863%28WS.10%29.aspx

ABE
http://msmvps.com/blogs/erikr/archive/2008/06/28/access-based-enumeration-abe.aspx

In my opinion, you should change Sharing permissions to :Authenticated Users" group: Full Control and secure folders in their properties under "Security" tab.

and about NTFS permissions
http://www.windowsecurity.com/articles/Understanding-Windows-NTFS-Permissions.html

Regards,
Krzysztof
0
All Courses

From novice to tech pro — start learning today.