Solved

Issue with Home Folder permissions

Posted on 2011-03-11
7
924 Views
Last Modified: 2012-06-27
Hello All;

I setup home folders for my users and it's working fine, the only issue is that all users have access to other peoples home directory.

I followed the doc http://www.itechtalk.com/thread1958.html 

For folder redirection to work properly, configure the NTFS as follows:

1) Configure the folder to not inherit permissions and remove all existing permissions.
2) Add the file server’s local Administrators group with Full Control of This Folder, Subfolders, and Files.
3) Add the Domain Admins domain security group with Full Control of This Folder, Subfolders, and Files.
4) Add the System account with Full Control of This Folder, Subfolders, and Files.
5) Add the Creator/Owner with Full Control of Subfolders and Files.
6) Add the Authenticated Users group with both List Folder/Read Data and Create Folders/Append Data – This Folder Only rights. The Authenticated Users group can be replaced with the desired group, but do not choose the Everyone group as a best practice.

The share permissions of the folder can be configured to grant administrators Full Control and authenticated users Change permissions.

But still all users have access to other people stuff

 For folder redirection to work properly, configure the NTFS as follows:  1) Configure the folder to not inherit permissions and remove all existing permissions. 2) Add the file server’s local Administ Permission-Entry-for-users

Can someone help?
0
Comment
Question by:atigris
  • 3
7 Comments
 
LVL 17

Expert Comment

by:John Gates
ID: 35124282
Ok.  Lets work with a single folder under this directory and one the settings are solid you can do the rest.

Create a new folder under the folder you have currently set up.  Remove all the permissions that are there and do not inherit from the parent folder.  Give a single user permissions to this folder.  Once you do this let me know if others are still able to access the contents of this folder.

-D-
0
 
LVL 17

Expert Comment

by:John Gates
ID: 35124289
Also remember that share permissions and resource permissions are different.  Please let me know what you have the current share permissions set to.  With the settings I gave you above it will work even if you have everyone full control share permissions.

-D-
0
 
LVL 2

Accepted Solution

by:
atigris earned 0 total points
ID: 35241077
I start having some errors in the event log and I had to give "modify" permissions to everyone so their Folder re-direction work. Thanks for your help.
0
 
LVL 17

Expert Comment

by:John Gates
ID: 35241145
I don't understand.  We were on the path of solving your problem.  Not sure why you want to close this at this point.

-D-
0

Featured Post

What is SQL Server and how does it work?

The purpose of this paper is to provide you background on SQL Server. It’s your self-study guide for learning fundamentals. It includes both the history of SQL and its technical basics. Concepts and definitions will form the solid foundation of your future DBA expertise.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question