Setting Server 2008 file permissions
We have a domain running active directory
We have a folder located on a MS server 2008 machine lets call it TEST
This folder is shared with the Advanced Sharing permissions and the security group
SEC-TESTGROUP that contains multiuple people are in this group. The Security group has full control of that share
There are other folders under the TEST folder. One in particular called SECRET. By default with inherited permission everyone in the SEC-TESTGROUP group has access to this
I am trying to prevent all but 2 people getting into that folder. I have shut off inherited permssions under the security tab on that folder, and added only the 2 users I want to have access to that folder. However everyone in the SEC-TESTGROUP security group can still access that folder just as before.
Can someone explain what I am doing wrong? I'm sure its something simple and I am just missing it.
Thanks
We have a folder located on a MS server 2008 machine lets call it TEST
This folder is shared with the Advanced Sharing permissions and the security group
SEC-TESTGROUP that contains multiuple people are in this group. The Security group has full control of that share
There are other folders under the TEST folder. One in particular called SECRET. By default with inherited permission everyone in the SEC-TESTGROUP group has access to this
I am trying to prevent all but 2 people getting into that folder. I have shut off inherited permssions under the security tab on that folder, and added only the 2 users I want to have access to that folder. However everyone in the SEC-TESTGROUP security group can still access that folder just as before.
Can someone explain what I am doing wrong? I'm sure its something simple and I am just missing it.
Thanks
ASKER
I know I copied the permissions, but I'm very sure I deleted the SEC-TESTGROUP after I copied
I'm sure Im looking the the right place. All I see is the following
SYSTEM
Authorized user 1
Authorized user 2
Domain Admins
Administrators (*local server Machine name*\administrators)
Users (*local server machine name\users)
I don't see that security group listed anywhere under the properties,security tab for the SECRET folder.
I'm sure Im looking the the right place. All I see is the following
SYSTEM
Authorized user 1
Authorized user 2
Domain Admins
Administrators (*local server Machine name*\administrators)
Users (*local server machine name\users)
I don't see that security group listed anywhere under the properties,security tab for the SECRET folder.
Are they a member of the local users, administrator, or doamin admins?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
As Jmoody said, check that SEC-TESTGROUP is not also a member of other groups that have permissions, such as the Domain Admins group etc.
ASKER
Double checked. SEC-TESTGROUP is not a member of Domain Admins.
Removing the Users (*local server machine name\users) setting seems to have fixed the issue
Can someone explain this one to me? Its a local security group. Why would a domain account be considered a memeber of that local security group?
Thanks again
Removing the Users (*local server machine name\users) setting seems to have fixed the issue
Can someone explain this one to me? Its a local security group. Why would a domain account be considered a memeber of that local security group?
Thanks again
Local Users automatically includes domain users in it (if the machine is not in the domain controllers group). If this was not the case, you would have to manually set up each machine on who can log in, create local user profiles, etc.
Thanks
Mike