Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

domain user permission folder issue

Posted on 2013-05-21
3
Medium Priority
?
289 Views
Last Modified: 2013-05-27
We have windows 2008 server SP1, where we have created Profile path of domain users in such a manners that top level users (Mgmt) can access the folders of their subordinates.
 
Due to some Problem Now a days the child folder not inheriting permissions of their Parent which resulting lot of problems. There are around 100 Domain User profile & each having hundreds of Files & folders.
 
Even the user itself is not getting access to their own files from profile folders
 
Can anyone suggest how to resolve the issue or implement some alternate method?

any tools software article available
0
Comment
Question by:tmsa12
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 

Author Comment

by:tmsa12
ID: 39184022
there are some folder which administrator local, domain admin and user all has no permission, we move from olddomain.com to newdomain.com and we do not touch permission. now we have a folder username which has this issue.

it say below message raises

you do not have permission to view or edit object's permission settings

an error occured while applying security informatio to

access is denied
0
 
LVL 11

Expert Comment

by:Pradeep Dubey
ID: 39184117
To check the permissions use the below tool and findout permissions given to that folder.
http://technet.microsoft.com/en-us/sysinternals/bb897332.aspx

below steps will be helpful.

To resolve this issue, enable the Bypass Traverse Checking user right. To do so, follow these steps.

Warning If the Bypass Traverse Checking user right is enabled, users can traverse folders even if they do not have permissions to the traversed folders. This right does not allow users to list the contents of the folders. Bypass Traverse Checking is an advanced user right.
On the computer on which the inaccessible share is located, start Windows Explorer.
Open, and then right-click the shared resource's parent folder that is located directly in the root of the drive, and then click Properties. For example, if you have the following folder structure: C:\Multimedia\Music\Baroque, where the Baroque folder is the shared resource, click the Multimedia folder.
Click the Security tab, and then click Advanced.
Click to select the Reset permissions on all Child objects and enable propagation of inheritable permissions check box.
Under Permission Entries, click the user or the group which experiences the issue that is listed in the Symptoms section of this article, and then click View/Edit.
Click to select the check box that is located in the Allow column, to the right of the Traverse Folder / Execute File option. If the check box that is in the Deny column is selected, click to clear it.
Click OK three times.

http://support.microsoft.com/kb/277644
0
 
LVL 1

Accepted Solution

by:
Cashpanda earned 1000 total points
ID: 39184188
Strip all permissions in the shared folders with an attrib command as the admin from the server, and then rebuild the permissions for folder access policy via logon script with permissions assigned by detailed group membership in active directory. 100 users isn't too bad if you HAD to assign these permissions manually, but a script would really automate the process.

[http://technet.microsoft.com/en-us/library/cc758918(v=ws.10).aspx]

I would assign the users as full controllers for their own directories and add the management users to a group with full control over the shares of their employees. Break your users into intelligent group memberships so that no one is left out.

That's how I would do it at least. Hope this helps.
0

Featured Post

How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
I was prompted to write this article after the recent World-Wide Ransomware outbreak. For years now, System Administrators around the world have used the excuse of "Waiting a Bit" before applying Security Patch Updates. This type of reasoning to me …
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

715 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question