Server 2008 folder permissions

I just set permissions for each user on the server. Last director did not require that each folder have set permissions so all folders were shared with everyone. New director has requested that each folder has permissions set for just that user.
Example:
UserA can only see FolderA
UserB can only see FolderB
UserC can only see FolderC
etc....
Once I did the sharing each user can now only see his/her own folder and can not see anyone else's. All is OK on each individual workstation except the one central workstation. There is one workstation that everyone shares up front. When they are on desk duty they login as themselves. When UserA logins in upfront she only sees FolderA and the same with UserB. When UserC logins in she can see and access everyone's folder.  When UserC goes back to her desk and logins in she only sees her folder. When she goes back up front to the central desk and logins she sees all folders.
Server is set up as AD and is Server 2008 standard. Workstations are all Windows 7 Pro.
Why is this and what do I do to fix it??
LANengineerAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MaheshArchitectCommented:
Try below instead of sharing each user folder.
Make root folder call users
Share that folder with authenticated users and administrators as change share permissions
Now in NTFS security permissions, add authenticated users, give them list folder contents and click Apply. Also check if administrators having full control, if not add it and grant full control.
Now go to advanced permissions and edit permissions for authenticated users and select "This folder only" and click apply and close all windows.
Now move all your users folder into "Users" root folder and just grant each user modify ntfs permissions on his respective folder, remove everyone and other users permissions from acl except administrators. Add administrators if not there.
Once you do that, go to Shares and storage management console and enable access based enumeration. Check below links
http://blogs.technet.com/b/aralves/archive/2007/09/20/windows-server-2008-access-based-enumeration.aspx
http://havardkristiansen.com/?p=152
Now user should be able to see only his folder to which he has access only from every where
You need to deploy map drives with new path for users
I suggest you to test this scenario 1st prior to deploy in production
It will work but we don't want to increase support calls unnecessarily

Mahesh
ktaczalaCommented:
It's possible that userC profile has manually mapped other folders with save password(probably domain administrative account) and reconnect on login enabled.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MaheshArchitectCommented:
One another option is you could setup home directories for all users
You can use below article to setup home directories for all users
http://blogs.technet.com/b/askds/archive/2008/06/30/automatic-creation-of-user-folders-for-home-roaming-profile-and-redirected-folders.aspx
The above article will help you to create home directory for all users from active directory in one shot.
You can create root shared folder with permissions as indicated in above article
Then You can select all users at a time in a given OU, or through saved query and right click and go to properties, under properties, on profile tab you could just setup \\servername\rootshare\%username%
This variable will create home folder for all users underneath root shared folder with appropriate permissions and also get mapped automatically for them during logon.
Once you done with that, you need to just move users existing data folder to newly created Home Directory for respective users
Then you may enable access based enumeration as my earlier Comment or you can follow below article so that user  can be able to view only his folder to which he has access.
http://blog.luxem.org/2010/07/how-to-setup-home-directories-on.html

Mahesh
Sandesh DubeyTechnical LeadCommented:
You need to check the GPO it could be due to script or map drive configured. You also need to check the desktop where users can see other folder it could be due to manual map drive, script, schedule task configure locally,etc.
LANengineerAuthor Commented:
This did the trick. All I did was disconnect the mapped drive, mapped it with that users credentials, and now all she can see is her folder. Thanks so much for your help!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows Server 2008

From novice to tech pro — start learning today.