1 File Server (2008 r2 FSRM)
Multiple Shares, e.g.
All these shares have security in such a way that only the matching Security Group can access.
So, for \\SERVER\Administration there are users in the security group in AD and that group is added to the share security and all works well. The drive is mapped on login perfectly.
The issue is this:
All Shares have the additional security attached which I beleive are defualt:
However there is no domain admins attached to any of the folders, only the above. I know Domain Admins are attached to \\SERVERNAME\Administrators group but what if for any reason domain admins are removed. No domain admins can access the shares anymore.
Should I add domain admins to each of the shares (folder leve)..? If so, should I do it at folder level or at the root folder of \\SERVERNAME\Departments (administration, finance, hr, payroll) and add domain admins?
IF it even should be like that?
I mean domain admins should be able to access all departmens shares and all folders??