DFS Permissions
Using 2008 R2 server. I had this working on 2003 server, but can't seem to be able to do it here. I have a DFS Root, with many links to shared folders. The DFS names space is then used to map users to a shared drive using GPO and netuse. My issue is I can't seem to prevent users from saving to the root folders, which are by department. I only want them to be able to save in the sub-folders. They should be able to create any folders they wish within the sub folders and inside the parent folder. I've tried changing the parent folder permissions and inheriting down, but that locked them out of everything. Not sure what I can't remember.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Root meaning the "top of the folder tree" in the file system within the context of the discussion.
Since the DFS Root has to point to something,...it is probably one and the same,...but maybe not.
I'm talking about the Folder right above the User's individual folders.
Some Folder| <------------you point the DFS Root here?? Don't know.
|--Userfolder1
|--Userfolder2
|--UserSally
|--UserJohn
Here is an article that gives the same theory I based what I said on,...but mine is more simpler.
How to dynamically create security-enhanced redirected folders by using folder redirection in Windows 2000 and in Windows Server 2003
http://support.microsoft.com/kb/274443
Do not confuse these:
1. Folder Redirection
2. Roaming Profiles
3. Offline Files
4. DFS
They are all four entirely different and independent things. They can all be done totally by themselves or in various combinations togther (if you can keep them all straight). But if you cannot keep it straight in your head where one ends and another begins you are in for a world of hurt. DFS simply repicates copys of the specified file structure to two or more places and provides a unified UNC Path to get there,...that is all it does,...don't confuse what it is doing with what any of the other 3 things do.
Since the DFS Root has to point to something,...it is probably one and the same,...but maybe not.
I'm talking about the Folder right above the User's individual folders.
Some Folder| <------------you point the DFS Root here?? Don't know.
|--Userfolder1
|--Userfolder2
|--UserSally
|--UserJohn
Here is an article that gives the same theory I based what I said on,...but mine is more simpler.
How to dynamically create security-enhanced redirected folders by using folder redirection in Windows 2000 and in Windows Server 2003
http://support.microsoft.com/kb/274443
Do not confuse these:
1. Folder Redirection
2. Roaming Profiles
3. Offline Files
4. DFS
They are all four entirely different and independent things. They can all be done totally by themselves or in various combinations togther (if you can keep them all straight). But if you cannot keep it straight in your head where one ends and another begins you are in for a world of hurt. DFS simply repicates copys of the specified file structure to two or more places and provides a unified UNC Path to get there,...that is all it does,...don't confuse what it is doing with what any of the other 3 things do.
ASKER
Almost exactly what we need. Tweaking on our side needed.
ASKER
The partiality would be our need to change the way the folders are now set up.
The article I gave the link for is more accuarte than what I gave off the top of my head. I trhink I forgot a couple parts in mine.
ASKER