Solved

Folder security in Active Directory

Posted on 2012-04-12
4
522 Views
Last Modified: 2012-04-30
I have a user that needs access to a subfolder on our shared drive.  I just want her to have access to the subfolder not the anything north of the folder.  Right now I have her added to the subfolder security and not inheriting permissions.  She can't access the folder.  Any help would be greatly appreciated.

Thanks,
snip.PNG
0
Comment
Question by:bhiller06
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 38

Accepted Solution

by:
Rich Rumble earned 125 total points
ID: 37840926
This can be tricky, you want the traverse folder permission in the advanced security: http://www.techrepublic.com/article/windows-101-know-the-basics-about-ntfs-permissions/6084446
Share and NTFS permissions work in tandem, and they will take the most restrictive permission as it's action, so even if the user is allowed in the NTFS permissions, if they are denied in the share permission's then that will be the action taken. Share permissions are much less verbose than NTFS, and NTFS is where you should be applying most restrictions or permissions to keep things simple, and in case someone also has the logon interactively permission, they can just go straight to that folder if the share permissions are what is keeping them out on the network. Apply most if not all restrictions at the NTFS level.
-rich
0
 
LVL 22

Assisted Solution

by:chakko
chakko earned 125 total points
ID: 37841191
Have you tried to access the folder directly such as \\server\share\folder\subfolder-you-want

or try to map a drive letter using the long/deep path  like;  net use x: \\server\share\folder\subfoler-you-want

and as richrumble already stated, make sure the permissions are not blocking access.
0
 
LVL 24

Assisted Solution

by:Mike Thomas
Mike Thomas earned 125 total points
ID: 37841372
As chakkapo says it might be best to direct her straight into the desired subfolder, maybe with a new share just for that purpose, but if you want to do it the regular way then just just needs to list and traverse all folders above.

And make sure the share permissions are in order not just NTFS.
0
 
LVL 29

Assisted Solution

by:pwindell
pwindell earned 125 total points
ID: 37842778
Forget Drive Letters and "mapping".  The 1990's are over and this isn't Novell

Go directly to the Folder via the Path as Chakko is saying.  \\server\share\folder\subfolder-you-want

It also is not all about Share Permissions.  It is about both Share and NTFS Permissions,...they are two different things.  The Share that the user is comming "though" must allow them Read or Read/Change,...the NTFS Security then have to control it from there.   This stuff can get really complex if you get too picky and complicated about what you want of expect.
0

Featured Post

Backup Solution for AWS

Read about how CloudBerry Backup fully integrates your backups with Amazon S3 and Amazon Glacier to provide military-grade encryption and dramatically cut storage costs on any platform.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question