This may seem an easy one. It's been a few years since I involved myself in NTFS permissions.
Company A has a mapped drive which everyone can access. The drive is located on the server.
Within the drive is folders (This is an example, in reality there are 40 folders):
We want to give permissions to new folder to a group of people. This group can't have access to any other folder.
I've created a domain local security group in AD and added the users who need access to New folder into it. I've then given that group access on new folder.
How do I stop them accessing other folders? Do I have to go through each folder and deny them? Or can I deny them at the root (E:\data)
If I deny at root, will that take precedence over the allow at folder level?