Solved

domain user permission folder issue

Posted on 2013-05-21
3
281 Views
Last Modified: 2013-05-27
We have windows 2008 server SP1, where we have created Profile path of domain users in such a manners that top level users (Mgmt) can access the folders of their subordinates.
 
Due to some Problem Now a days the child folder not inheriting permissions of their Parent which resulting lot of problems. There are around 100 Domain User profile & each having hundreds of Files & folders.
 
Even the user itself is not getting access to their own files from profile folders
 
Can anyone suggest how to resolve the issue or implement some alternate method?

any tools software article available
0
Comment
Question by:tmsa12
3 Comments
 

Author Comment

by:tmsa12
ID: 39184022
there are some folder which administrator local, domain admin and user all has no permission, we move from olddomain.com to newdomain.com and we do not touch permission. now we have a folder username which has this issue.

it say below message raises

you do not have permission to view or edit object's permission settings

an error occured while applying security informatio to

access is denied
0
 
LVL 11

Expert Comment

by:Pradeep Dubey
ID: 39184117
To check the permissions use the below tool and findout permissions given to that folder.
http://technet.microsoft.com/en-us/sysinternals/bb897332.aspx

below steps will be helpful.

To resolve this issue, enable the Bypass Traverse Checking user right. To do so, follow these steps.

Warning If the Bypass Traverse Checking user right is enabled, users can traverse folders even if they do not have permissions to the traversed folders. This right does not allow users to list the contents of the folders. Bypass Traverse Checking is an advanced user right.
On the computer on which the inaccessible share is located, start Windows Explorer.
Open, and then right-click the shared resource's parent folder that is located directly in the root of the drive, and then click Properties. For example, if you have the following folder structure: C:\Multimedia\Music\Baroque, where the Baroque folder is the shared resource, click the Multimedia folder.
Click the Security tab, and then click Advanced.
Click to select the Reset permissions on all Child objects and enable propagation of inheritable permissions check box.
Under Permission Entries, click the user or the group which experiences the issue that is listed in the Symptoms section of this article, and then click View/Edit.
Click to select the check box that is located in the Allow column, to the right of the Traverse Folder / Execute File option. If the check box that is in the Deny column is selected, click to clear it.
Click OK three times.

http://support.microsoft.com/kb/277644
0
 
LVL 1

Accepted Solution

by:
Cashpanda earned 500 total points
ID: 39184188
Strip all permissions in the shared folders with an attrib command as the admin from the server, and then rebuild the permissions for folder access policy via logon script with permissions assigned by detailed group membership in active directory. 100 users isn't too bad if you HAD to assign these permissions manually, but a script would really automate the process.

[http://technet.microsoft.com/en-us/library/cc758918(v=ws.10).aspx]

I would assign the users as full controllers for their own directories and add the management users to a group with full control over the shares of their employees. Break your users into intelligent group memberships so that no one is left out.

That's how I would do it at least. Hope this helps.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Normally after a failure of Domain Controller, when promoting new DC the DC is renamed, we will discuss the options in Dcpromo to re-create the DC with the same name. Scenario: You are a small IT shop with two Domain Controllers (Domain Contr…
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question