Hoping someone can help with this query.
I need to setup the NTFS permissions on a share such that users have rights to create their own folders and modify content in their folder but are unable to access other user's folders. The folders are used to host files scanned from an MFD and the files are added to the folders using the %USERNAME% variable under a service account. The folders are created using a Group Policy Preference (GPP).
I have configured the following permissions
Domain Users -> Create Folder (This folder only)
CREATOR OWNER -> Full Control (Subfolders and files only)
Service Account -> Full Control (Subfolders and files only)
When a file is scanned and added to the user folder although it can be seen by the user it cannot be accessed (as the Service Account is the Creator). What rights do I need to configure to achieve my requirement?