?
Solved

2008 File share issue

Posted on 2011-03-03
4
Medium Priority
?
420 Views
Last Modified: 2012-05-11
Hi,

this is a really straight forward question however i cant get my head around it due to not having done it for ages.

I have a Windows 2008 storage server with a folder that has been shared. this folder contains sub folders which can only be accessed by management and a specified department:

i.e folder A is accessible by dept A and management, folder B by department B and management ETC.

I know of 2 ways i can do this already by either A) giving read share permissions to the root folder and then explicitly allowing / denying access based on the group at the NTFS level however i know this is not best practice. the other obvious but laborious way would be to create an individual share for each folder.

any other ideas?
0
Comment
Question by:gregan_plc
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 

Author Comment

by:gregan_plc
ID: 35031672
i should note that it is preferred that the root folders accessible by all, and the sub folders only accessible to their individual depts
0
 
LVL 13

Expert Comment

by:connectex
ID: 35032028
Typically you'd create one share giving everyone the maximum rights that would be needed. Then secure at the folder or file level by using NTFS permisssions.
0
 
LVL 42

Accepted Solution

by:
kevinhsieh earned 500 total points
ID: 35032050
Normal practice is to give change or full control at the share level. I then five users read at the NTFS level and give groups additional permissions on sub folders as appropriate. If the folder also requires that permissions are more restrictive than the parent I remove inherited permissions and then explicitly apply the correct ones.

Another way to do it is to no to the advanced NTFS permissions and apply read permissions to the parent folder but them make that only apply to itself and files, not subfolders. You would then apply all of the subfolder permissions.
0
 

Author Comment

by:gregan_plc
ID: 35032418
thanks, was an inherited permissions omission, cheers!
0

Featured Post

NEW Veeam Agent for Microsoft Windows

Backup and recover physical and cloud-based servers and workstations, as well as endpoint devices that belong to remote users. Avoid downtime and data loss quickly and easily for Windows-based physical or public cloud-based workloads!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are many software programs on offer that will claim to magically speed up your computer. The best advice I can give you is to avoid them like the plague, because they will often cause far more problems than they solve. Try some of these "do it…
For anyone that has accidentally used newSID with Server 2008 R2 (like I did) and hasn't been able to get the server running again because you were unlucky (as I was) and had no backups - I was able to get things working by doing a Registry Hive rec…
The Task Scheduler is a powerful tool that is built into Windows. It allows you to schedule tasks (actions) on a recurring basis, such as hourly, daily, weekly, monthly, at log on, at startup, on idle, etc. This video Micro Tutorial is a brief intro…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…
Suggested Courses
Course of the Month8 days, 18 hours left to enroll

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question