How to correctly assign NTFS permission on Windows 2008 share folder
Posted on 2011-09-18
I have a share folder name "Departments" and inside that folder there are several folders with department names. All folders are configure to have their NTFS security permission assign according to their group. Example: If you are a staff of the HR department then they will be inside the HR security group, and that group is assign to the HR folder with full permission.
The problem I am having is that users can copy and paste other folders they are not allow, to the Folder they have permission.
Example: HR Folder is only accessible to users that are in the HR group, but users from another Departments like "Administration" can copy the HR folder and pasted it on their Administration folder.
The users from "Administration Group" cannot access the HR folder when they double click. This is happening to every folder. Users do not have access to a particular folder but they can copy the folder and have access.
Folder permissions are as follow:
Share folder -- Departments -- shared permission "Everyone Full control"
NTFS Permission-- "creators owner full control" - "Admins full control" - "Authenticated user- Read only"
ALL folders inside Department folders have "creators owner -Full control" "admin -full control" and Full control to the group the folder belown to.