Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 929
  • Last Modified:

Issue with Home Folder permissions

Hello All;

I setup home folders for my users and it's working fine, the only issue is that all users have access to other peoples home directory.

I followed the doc http://www.itechtalk.com/thread1958.html 

For folder redirection to work properly, configure the NTFS as follows:

1) Configure the folder to not inherit permissions and remove all existing permissions.
2) Add the file server’s local Administrators group with Full Control of This Folder, Subfolders, and Files.
3) Add the Domain Admins domain security group with Full Control of This Folder, Subfolders, and Files.
4) Add the System account with Full Control of This Folder, Subfolders, and Files.
5) Add the Creator/Owner with Full Control of Subfolders and Files.
6) Add the Authenticated Users group with both List Folder/Read Data and Create Folders/Append Data – This Folder Only rights. The Authenticated Users group can be replaced with the desired group, but do not choose the Everyone group as a best practice.

The share permissions of the folder can be configured to grant administrators Full Control and authenticated users Change permissions.

But still all users have access to other people stuff

 For folder redirection to work properly, configure the NTFS as follows:  1) Configure the folder to not inherit permissions and remove all existing permissions. 2) Add the file server’s local Administ Permission-Entry-for-users

Can someone help?
0
atigris
Asked:
atigris
  • 3
1 Solution
 
John Gates, CISSPSecurity ProfessionalCommented:
Ok.  Lets work with a single folder under this directory and one the settings are solid you can do the rest.

Create a new folder under the folder you have currently set up.  Remove all the permissions that are there and do not inherit from the parent folder.  Give a single user permissions to this folder.  Once you do this let me know if others are still able to access the contents of this folder.

-D-
0
 
John Gates, CISSPSecurity ProfessionalCommented:
Also remember that share permissions and resource permissions are different.  Please let me know what you have the current share permissions set to.  With the settings I gave you above it will work even if you have everyone full control share permissions.

-D-
0
 
atigrisAuthor Commented:
I start having some errors in the event log and I had to give "modify" permissions to everyone so their Folder re-direction work. Thanks for your help.
0
 
John Gates, CISSPSecurity ProfessionalCommented:
I don't understand.  We were on the path of solving your problem.  Not sure why you want to close this at this point.

-D-
0

Featured Post

Ask an Anonymous Question!

Don't feel intimidated by what you don't know. Ask your question anonymously. It's easy! Learn more and upgrade.

  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now