Solved

security for folder

Posted on 2011-03-14
5
250 Views
Last Modified: 2012-05-11
I have Windows 2003 ServerStandard and I want to create backup folders for users.  I only want the user and the administrator/user of the server to be able to access this folder.  Under security of the folder how should I set this up?  
0
Comment
Question by:mkramer777
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 35128738
What is meant by "backup folders"?  Where do the user documents reside now?  All user info should live on the Server, which should be backed up daily to removable media which is cycled out of the building in case of a complete loss of infrastructure.  

However, if what you want is a folder on the server where you can force user documents to be copied from wherever they are now, the easiest way to do this is to create a top level share for each user:  "Joe's Backup", "Sally's Backup", etc and set the share permissions and the NTFS security to allow only the admin and each user to have access to each folder by name.

Nested folders can be done, but it is more difficult to setup and maintain.
0
 

Author Comment

by:mkramer777
ID: 35128876
I don't want to do it with a share I want to do it with security.  Create the folder on the server and right click it and choose sharing and security and then the security tab.  From there I only want the user and the server to be able to access that folder.  How would I do that? Here are screenshots of a folder I created and did nothing with. It shows the groups and usernames that have access.  I want the server to be able to access this folder and subfolders underneath plus this user:  b-eng1
I need help in setting just right.   Thanks. I'm a bit new at this so I might not be wording things exactly right.   Document.doc
0
 
LVL 23

Accepted Solution

by:
ormerodrutter earned 250 total points
ID: 35128927
1 Create sub folders using whatever names you want to call.
2 Under security grant permissino to Administartor (or Administrators) and the particular user(s), giving them FULL access permission.
3 Remove the Everyone group in the ACL list. If it has been greyed out (e.g. not moveable), click the ADvanced button and uncheck the "Allow inheritable permission......" option, then redo 3
0
 

Author Comment

by:mkramer777
ID: 35129364
There is not everyone group in the acl list.  I sent a screen shot.  I would think I would have to remove users group as well.  Still not sure how to do this exactly right.  
0
 
LVL 22

Expert Comment

by:Larry Struckmeyer MVP
ID: 35129978
Whether or not you need a share depends on how you want the files to get into the folders, which is why I asked where the user files are now.  Users cannot copy/move anything from their stations, or view anything on the server, that is not shared.  It is with share permissions and NTFS security that you control who has access to what folders and files.

If the users files and folders are already on the server, then I don't understand the need to do this.  You should already be backing up the files and folders, and Shadow Copies will allow the users to restore any changed or deleted files in their folders.  However, as an admin task you can force a copy of user files into non shared folders if the task runs, either manually or scheduled, on the server itself, not accross the network.

Start with the folder, shared or not, remove all share permissions and NTFS security except for the Administrator, go to Advanced and make sure permissions and security are not inherited, then add back the user for his own folder with the appropriate settings.  But if you want the users to access these folders from the network, they will have to be shares.

But,
0

Featured Post

Comparison of Amazon Drive, Google Drive, OneDrive

What is Best for Backup: Amazon Drive, Google Drive or MS OneDrive? In this free whitepaper we look at their performance, pricing, and platform availability to help you decide which cloud drive is right for your situation. Download and read the results of our testing for free!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The SBS 2011 release date (RTM) is supposed to be around Christmas, 2011.  This article is a compilation of my notes -- things I have learned first hand.  The items are in a rather random order, but I think this list covers most of what is new and d…
Scenerio: You have a server running Server 2003 and have applied a retail pack of Terminal Server Licenses.  You want to change servers or your server has crashed and you need to reapply the Terminal Server Licenses. When you enter the 16-digit lic…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question