Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

security for folder

Posted on 2011-03-14
5
Medium Priority
?
264 Views
Last Modified: 2012-05-11
I have Windows 2003 ServerStandard and I want to create backup folders for users.  I only want the user and the administrator/user of the server to be able to access this folder.  Under security of the folder how should I set this up?  
0
Comment
Question by:mkramer777
  • 2
  • 2
5 Comments
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 35128738
What is meant by "backup folders"?  Where do the user documents reside now?  All user info should live on the Server, which should be backed up daily to removable media which is cycled out of the building in case of a complete loss of infrastructure.  

However, if what you want is a folder on the server where you can force user documents to be copied from wherever they are now, the easiest way to do this is to create a top level share for each user:  "Joe's Backup", "Sally's Backup", etc and set the share permissions and the NTFS security to allow only the admin and each user to have access to each folder by name.

Nested folders can be done, but it is more difficult to setup and maintain.
0
 

Author Comment

by:mkramer777
ID: 35128876
I don't want to do it with a share I want to do it with security.  Create the folder on the server and right click it and choose sharing and security and then the security tab.  From there I only want the user and the server to be able to access that folder.  How would I do that? Here are screenshots of a folder I created and did nothing with. It shows the groups and usernames that have access.  I want the server to be able to access this folder and subfolders underneath plus this user:  b-eng1
I need help in setting just right.   Thanks. I'm a bit new at this so I might not be wording things exactly right.   Document.doc
0
 
LVL 23

Accepted Solution

by:
ormerodrutter earned 1000 total points
ID: 35128927
1 Create sub folders using whatever names you want to call.
2 Under security grant permissino to Administartor (or Administrators) and the particular user(s), giving them FULL access permission.
3 Remove the Everyone group in the ACL list. If it has been greyed out (e.g. not moveable), click the ADvanced button and uncheck the "Allow inheritable permission......" option, then redo 3
0
 

Author Comment

by:mkramer777
ID: 35129364
There is not everyone group in the acl list.  I sent a screen shot.  I would think I would have to remove users group as well.  Still not sure how to do this exactly right.  
0
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 35129978
Whether or not you need a share depends on how you want the files to get into the folders, which is why I asked where the user files are now.  Users cannot copy/move anything from their stations, or view anything on the server, that is not shared.  It is with share permissions and NTFS security that you control who has access to what folders and files.

If the users files and folders are already on the server, then I don't understand the need to do this.  You should already be backing up the files and folders, and Shadow Copies will allow the users to restore any changed or deleted files in their folders.  However, as an admin task you can force a copy of user files into non shared folders if the task runs, either manually or scheduled, on the server itself, not accross the network.

Start with the folder, shared or not, remove all share permissions and NTFS security except for the Administrator, go to Advanced and make sure permissions and security are not inherited, then add back the user for his own folder with the appropriate settings.  But if you want the users to access these folders from the network, they will have to be shares.

But,
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Small Business Server 2011. NOTE: This guide has been written using the preview version of SBS2011 therefore some of the screens may …
I've often see, or have been asked, the question about the difference between the Exchange 2010 SP1 version, available as part of Small Business Server (SBS) 2011, and the “normal” Exchange 2010 SP1 Standard. The answer to the question is relativ…
This course is ideal for IT System Administrators working with VMware vSphere and its associated products in their company infrastructure. This course teaches you how to install and maintain this virtualization technology to store data, prevent vuln…
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…

886 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question