Solved

windows 2008 r2 permission issues

Posted on 2013-11-17
7
392 Views
Last Modified: 2014-02-04
dear gurus,
i do need some one step by step to bottleneck this issue. we are getting problem one of our file server where the issues is likely

- a group on AD created called P&S, some users are added there
- where a folder created on file server root folder for sharing, as "datariy" and then another department above folder created "P&S"
- we give permission of local admin, domain admin, administrators(group) local and P&S all as FULL permission
- slowly we discover the issue that
- 1 user of P&S group folder create sub folder under P&S, and keep files like word excel pdf etc, so 2nd user cant see fails, only folders are seen.
- similary the story of 2nd user create keep some files sub folders so 1st user cant see except blank empty folder.

- the data server is join ad to master server, beside ony file server role, avg antivirus and backup software sonicwall cdp agent installed
- we even delete the all folder inside P&S and restore data from backup, so after restoring again found same problem
- we even reset the permission start from scratch, give permission to admin domain, local admin, then P&S group.
- basically the permission from P&S are not ingertting to subfolder->further again subfolders-> and files as example scenerio
- such issues we never face windows 2003 we used but 2008 does not work similar fashion how 2003 was, this is my understanding the matrix of permission looks change

can someone assist us step by step any tips guideline or bottleneck the issue. any best software to assign sub folder and file level permission available advise plz free demo or commerical even too

kind regards
salim
0
Comment
Question by:tmsa12
  • 4
  • 3
7 Comments
 
LVL 35

Expert Comment

by:Mahesh
Comment Utility
Correct me if I am wrong
Your issue is, within shared folders, NTFS permissions are not getting enforced on each and every folder and files  from parent ?
0
 

Author Comment

by:tmsa12
Comment Utility
shared folder AD user and permission not NTFS. as i give clear example detail explanation as well.
NTFS confusing what is this exactly, as ntfs is the partition type. beside give some hints tips problem resolving
0
 
LVL 35

Expert Comment

by:Mahesh
Comment Utility
Sorry
I am not able to understand your question please

Thanks
0
Wish Marketing would stop bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

 

Author Comment

by:tmsa12
Comment Utility
my permission are not working, they do not do inheritance
0
 

Author Comment

by:tmsa12
Comment Utility
dear gurus,
i do need some one step by step to bottleneck this issue. we are getting problem one of our file server where the issues is likely

- a group on AD created called P&S, some users are added there
- where a folder created on file server root folder for sharing, as "datariy" and then another department above folder created "P&S"
- we give permission of local admin, domain admin, administrators(group) local and P&S all as FULL permission
- slowly we discover the issue that
- 1 user of P&S group folder create sub folder under P&S, and keep files like word excel pdf etc, so 2nd user cant see fails, only folders are seen.
- similary the story of 2nd user create keep some files sub folders so 1st user cant see except blank empty folder.

- the data server is join ad to master server, beside ony file server role, avg antivirus and backup software sonicwall cdp agent installed
- we even delete the all folder inside P&S and restore data from backup, so after restoring again found same problem
- we even reset the permission start from scratch, give permission to admin domain, local admin, then P&S group.
- basically the permission from P&S are not ingertting to subfolder->further again subfolders-> and files as example scenerio
- such issues we never face windows 2003 we used but 2008 does not work similar fashion how 2003 was, this is my understanding the matrix of permission looks change

can someone assist us step by step any tips guideline or bottleneck the issue. any best software to assign sub folder and file level permission available advise plz free demo or commerical even too

kind regards
salim
0
 
LVL 35

Accepted Solution

by:
Mahesh earned 500 total points
Comment Utility
If my understanding of question is correct, then follow below steps.
Logon to file server with accoun t having local admin rights on file server.
1st assign full control share permissions to required groups on root shared folder.
Then take ownership of root shared folder through NTFS advanced security permissions with "Replace owners on subcontainers" option selected.wait until process gets completed.
Now close all windows and reopen folder properties and go to security tab.
Then add required group on NTFS permissions with required permissions and click apply.
Then from advanced NTFS security permissions window, select "replace all child object permissions with inheritable permissions from this object" checkbox and apply.
Now your top level folder permissions should get applied (inherited) to all sub folders and files without any issue

Basically this might be subfolder ownership issue , thats why users permissions are not getting applied to folder where folder owner is some else user account..
In order to avoid this issue in feature on any shared folders, give full control share permissions to respective users and you need to check which users you assigned full control NTFS permissions and change it to Modify instead
Also remove "Creator owner" group from NTFS permissions of root \ top folder with "replace all child object permissions with inheritable permissions from this object" checkbox selected


Thanks
0
 

Author Closing Comment

by:tmsa12
Comment Utility
thank you can you close the case plz
0

Featured Post

Wish Marketing would stop bothering you?

Is your marketing department constantly asking for new email signature updates? Are they requesting a different design for every department? Do they need yet another banner added? Don’t let it get you down! There is an easy way to manage all of these requests...

Join & Write a Comment

I was asked if I could set up a fax machine so that incoming faxes were delivered to people's Exchange inboxes and so that they could send faxes from their desktops without needing to print the document first.  I knew it was possible but I had no id…
Sometimes drives fill up and we don't know why.  If you don't understand the best way to use the tools available, you may end up being stumped as to why your drive says it's not full when you have no space left!  Here's how you can find out...
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now