Solved

windows 2008 r2 permission issues

Posted on 2013-11-17
7
397 Views
Last Modified: 2014-02-04
dear gurus,
i do need some one step by step to bottleneck this issue. we are getting problem one of our file server where the issues is likely

- a group on AD created called P&S, some users are added there
- where a folder created on file server root folder for sharing, as "datariy" and then another department above folder created "P&S"
- we give permission of local admin, domain admin, administrators(group) local and P&S all as FULL permission
- slowly we discover the issue that
- 1 user of P&S group folder create sub folder under P&S, and keep files like word excel pdf etc, so 2nd user cant see fails, only folders are seen.
- similary the story of 2nd user create keep some files sub folders so 1st user cant see except blank empty folder.

- the data server is join ad to master server, beside ony file server role, avg antivirus and backup software sonicwall cdp agent installed
- we even delete the all folder inside P&S and restore data from backup, so after restoring again found same problem
- we even reset the permission start from scratch, give permission to admin domain, local admin, then P&S group.
- basically the permission from P&S are not ingertting to subfolder->further again subfolders-> and files as example scenerio
- such issues we never face windows 2003 we used but 2008 does not work similar fashion how 2003 was, this is my understanding the matrix of permission looks change

can someone assist us step by step any tips guideline or bottleneck the issue. any best software to assign sub folder and file level permission available advise plz free demo or commerical even too

kind regards
salim
0
Comment
Question by:tmsa12
  • 4
  • 3
7 Comments
 
LVL 36

Expert Comment

by:Mahesh
ID: 39655699
Correct me if I am wrong
Your issue is, within shared folders, NTFS permissions are not getting enforced on each and every folder and files  from parent ?
0
 

Author Comment

by:tmsa12
ID: 39656502
shared folder AD user and permission not NTFS. as i give clear example detail explanation as well.
NTFS confusing what is this exactly, as ntfs is the partition type. beside give some hints tips problem resolving
0
 
LVL 36

Expert Comment

by:Mahesh
ID: 39656511
Sorry
I am not able to understand your question please

Thanks
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 

Author Comment

by:tmsa12
ID: 39658576
my permission are not working, they do not do inheritance
0
 

Author Comment

by:tmsa12
ID: 39658577
dear gurus,
i do need some one step by step to bottleneck this issue. we are getting problem one of our file server where the issues is likely

- a group on AD created called P&S, some users are added there
- where a folder created on file server root folder for sharing, as "datariy" and then another department above folder created "P&S"
- we give permission of local admin, domain admin, administrators(group) local and P&S all as FULL permission
- slowly we discover the issue that
- 1 user of P&S group folder create sub folder under P&S, and keep files like word excel pdf etc, so 2nd user cant see fails, only folders are seen.
- similary the story of 2nd user create keep some files sub folders so 1st user cant see except blank empty folder.

- the data server is join ad to master server, beside ony file server role, avg antivirus and backup software sonicwall cdp agent installed
- we even delete the all folder inside P&S and restore data from backup, so after restoring again found same problem
- we even reset the permission start from scratch, give permission to admin domain, local admin, then P&S group.
- basically the permission from P&S are not ingertting to subfolder->further again subfolders-> and files as example scenerio
- such issues we never face windows 2003 we used but 2008 does not work similar fashion how 2003 was, this is my understanding the matrix of permission looks change

can someone assist us step by step any tips guideline or bottleneck the issue. any best software to assign sub folder and file level permission available advise plz free demo or commerical even too

kind regards
salim
0
 
LVL 36

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39658632
If my understanding of question is correct, then follow below steps.
Logon to file server with accoun t having local admin rights on file server.
1st assign full control share permissions to required groups on root shared folder.
Then take ownership of root shared folder through NTFS advanced security permissions with "Replace owners on subcontainers" option selected.wait until process gets completed.
Now close all windows and reopen folder properties and go to security tab.
Then add required group on NTFS permissions with required permissions and click apply.
Then from advanced NTFS security permissions window, select "replace all child object permissions with inheritable permissions from this object" checkbox and apply.
Now your top level folder permissions should get applied (inherited) to all sub folders and files without any issue

Basically this might be subfolder ownership issue , thats why users permissions are not getting applied to folder where folder owner is some else user account..
In order to avoid this issue in feature on any shared folders, give full control share permissions to respective users and you need to check which users you assigned full control NTFS permissions and change it to Modify instead
Also remove "Creator owner" group from NTFS permissions of root \ top folder with "replace all child object permissions with inheritable permissions from this object" checkbox selected


Thanks
0
 

Author Closing Comment

by:tmsa12
ID: 39832298
thank you can you close the case plz
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

We recently had an issue where out of nowhere, end users started indicating that their logins to our terminal server were just showing a "blank screen." After checking the usual suspects -- profiles, shell=explorer.exe in the registry, userinit.exe,…
OfficeMate Freezes on login or does not load after login credentials are input.
This tutorial will walk an individual through the steps necessary to enable the VMware\Hyper-V licensed feature of Backup Exec 2012. In addition, how to add a VMware server and configure a backup job. The first step is to acquire the necessary licen…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question