i'm trying to establish an internal file structure for our users. my questions is more best practice and how to appropriate permissions.
i have a file server and my home directory of a user at the following location "D:\Shared\Admin\user1home" for user1 and "D:\Shared\Admin\user2home" for user two, where my share point is 'Admin' and the AD Home Folder h: points to the path "\\filerserver\admin\user%home". i'm trying to figure out if that is the right share point (as opposed to \\fileserver\user%home) and what NTFS permissions i need to apply to my sharepoint (i.e. the directory 'Admin') so that users with homes in that directory/share do not have access to other users' homes also in that directory/share and still have full access to their own home.
To accomplish my goal, I believe i can give 'read/list folders/read attribute/read extended attributes' to the group of users in that directory/share then let AD take care of permissions on each users' home. Is that correct?