Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

security for folder

Posted on 2011-03-14
5
Medium Priority
?
262 Views
Last Modified: 2012-05-11
I have Windows 2003 ServerStandard and I want to create backup folders for users.  I only want the user and the administrator/user of the server to be able to access this folder.  Under security of the folder how should I set this up?  
0
Comment
Question by:mkramer777
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 35128738
What is meant by "backup folders"?  Where do the user documents reside now?  All user info should live on the Server, which should be backed up daily to removable media which is cycled out of the building in case of a complete loss of infrastructure.  

However, if what you want is a folder on the server where you can force user documents to be copied from wherever they are now, the easiest way to do this is to create a top level share for each user:  "Joe's Backup", "Sally's Backup", etc and set the share permissions and the NTFS security to allow only the admin and each user to have access to each folder by name.

Nested folders can be done, but it is more difficult to setup and maintain.
0
 

Author Comment

by:mkramer777
ID: 35128876
I don't want to do it with a share I want to do it with security.  Create the folder on the server and right click it and choose sharing and security and then the security tab.  From there I only want the user and the server to be able to access that folder.  How would I do that? Here are screenshots of a folder I created and did nothing with. It shows the groups and usernames that have access.  I want the server to be able to access this folder and subfolders underneath plus this user:  b-eng1
I need help in setting just right.   Thanks. I'm a bit new at this so I might not be wording things exactly right.   Document.doc
0
 
LVL 23

Accepted Solution

by:
ormerodrutter earned 1000 total points
ID: 35128927
1 Create sub folders using whatever names you want to call.
2 Under security grant permissino to Administartor (or Administrators) and the particular user(s), giving them FULL access permission.
3 Remove the Everyone group in the ACL list. If it has been greyed out (e.g. not moveable), click the ADvanced button and uncheck the "Allow inheritable permission......" option, then redo 3
0
 

Author Comment

by:mkramer777
ID: 35129364
There is not everyone group in the acl list.  I sent a screen shot.  I would think I would have to remove users group as well.  Still not sure how to do this exactly right.  
0
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 35129978
Whether or not you need a share depends on how you want the files to get into the folders, which is why I asked where the user files are now.  Users cannot copy/move anything from their stations, or view anything on the server, that is not shared.  It is with share permissions and NTFS security that you control who has access to what folders and files.

If the users files and folders are already on the server, then I don't understand the need to do this.  You should already be backing up the files and folders, and Shadow Copies will allow the users to restore any changed or deleted files in their folders.  However, as an admin task you can force a copy of user files into non shared folders if the task runs, either manually or scheduled, on the server itself, not accross the network.

Start with the folder, shared or not, remove all share permissions and NTFS security except for the Administrator, go to Advanced and make sure permissions and security are not inherited, then add back the user for his own folder with the appropriate settings.  But if you want the users to access these folders from the network, they will have to be shares.

But,
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The SBS 2011 release date (RTM) is supposed to be around Christmas, 2011.  This article is a compilation of my notes -- things I have learned first hand.  The items are in a rather random order, but I think this list covers most of what is new and d…
On July 14th 2015, Windows Server 2003 will become End of Support, leaving hundreds of thousands of servers around the world that still run this 12 year old operating system vulnerable and potentially out of compliance in many organisations around t…
Video by: ITPro.TV
In this episode Don builds upon the troubleshooting techniques by demonstrating how to properly monitor a vSphere deployment to detect problems before they occur. He begins the show using tools found within the vSphere suite as ends the show demonst…
In response to a need for security and privacy, and to continue fostering an environment members can turn to for support, solutions, and education, Experts Exchange has created anonymous question capabilities. This new feature is available to our Pr…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question