Windows Server 2008 Folder Permission

Hi,
I created a shared folder A and created several subfolders for different department. I would like users only can access to their own department  folder. I went ahead created groups first ( I tried both Security and Distribution) and I then put designated users to those groups.
When I Added the group to the department folder under A user could not see the folder they belong to out there! If I add one user at time they can see the folder. I don’t mind add individually if that department only has five staff. There is one department has hundred staff and manually add them is very time consuming.
Any better way of doing it? By the way, the A folder is located on Windows 2008 R2 32bit Standard, not DC. Group were created on Windows 2003 DC. Our domain lever is 2003.
Thank you very much in advance!
lgallionAsked:
Who is Participating?
 
Darius GhassemConnect With a Mentor Commented:
Ok are you sure you are connecting to the department folder properly? If you add the one user with the Group on permissions can user see folders then?

Doesn't seem to be a permission problem because the user can connect.

Check Access Enumeration

http://technet.microsoft.com/en-us/library/dd772681(WS.10).aspx
0
 
Darius GhassemCommented:
What permissions does the parent folder have?

You should be using Security groups only. What other groups is the group a part of?
0
 
lgallionAuthor Commented:
I used the default rights for parent folder :Everyone, Create Owner, system, administrator.....
I don't understand what other goups is the group A? Group A is root of server C drive and underneath has HR, Admin, Marketing....
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 
Darius GhassemCommented:
Is Group A part of another group? Go to Properties of Group you can see Memeber Of here.

Do you have any Deny in the root directory?

Are you adding permission to Share and Ntfs?
0
 
lgallionAuthor Commented:
Group A is not a part of the other group and I don't have any deny right in the root directory. no share only ntfs.
0
 
lgallionAuthor Commented:
I am sorry parent group - group A is both Share (Everyone is Full) and ntfs rights
0
 
Darius GhassemCommented:
When you add departments to the Folders you don't see the folder or you get Access Denied?
0
 
lgallionAuthor Commented:
I don't see the folders.
0
 
Darius GhassemCommented:
What folders are you not seeing? The folders inside the Root folder or the Department folder?
0
 
lgallionAuthor Commented:
The department folder
0
 
lgallionAuthor Commented:
Under the Share and storage management console the access enumeration is enabled.
0
 
Darius GhassemCommented:
Remove this
0
 
Darius GhassemCommented:
Check permissions on these folders make sure users have permissions to these folders below on the department folder
0
 
lgallionAuthor Commented:
It works on folder visibily! Everyone can see all department folders now beside themselves, of cause they can not access other than their own. Originally I only wanted them to see their own folder. I can live with it if there is no other way?
0
 
lgallionAuthor Commented:
Thank you, dariusg, for telling me disable the access emmunation and made a big progress now. Like I said if there is no other way I can live with it.
0
 
Darius GhassemCommented:
The solution should be http://#a35693286
0
 
Darius GhassemCommented:
Solution wasn't selected
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.