I am having an issue setting up a user to be able to change permissions on a folder and subfolders on a file server.
The file server is 2008 R2 and in a domain. I am the only administrator.
I have given this user (userA) the Full control permissions for this folder, and he can make, save, delete just fine. But he cannot change permissions of any subfolders in this folder.
Let me explain the situation….
Management wants all CAD models placed in the “PARTS” folder with userA being the only one to have read, write (full control) of this folder.
Inside the Parts folder is a folder named for each part number. Inside each part number folder is 4 folders (Master, Original, QA, Tooling).
The permissions are inherited from the parent as follows;
UserA = Full Control
Engineering = read & execute, list folder contents, read
I would like to have UserA to be in charge of this folder/subfolders and be able to change the permissions on the QA and Tooling folders, so Engineering group would have “Modify” rights on just these two folders.
(hope this all makes since)
How do I delegate rights for this user (UserA) to be able to do this without him being an admin of the server?
Client computers are Windows XP and Windows 7 pro.
The Parts folder is shared and users have the Parts folder mapped to their computers.
Sounds like a lot of micro-managing (and it is), if someone has a better solution, would like to here.
I tried both and still get "access denied" when I have the userA try to change permission on QA and Tooling folders.
Now the only thing I did different, was I created a group (GroupA) adding user to this group and use this instead of UserA. Will subinacl still work on a group instead of user?
Permissions show GroupA as Full control
subinacl shows all good in command prompt
(Done: 2049, Modified: 2049, Failed: 0, Syntax errors: 0)