purpleoak
asked on
List folder/Read data & Traverse folder/Execute file rights
Hello,
I have a Server 2012 DC for a customer providing network shares. ABE is enabled on the shares.
I have setup the group policy to allow access to folder 1, 2, 3 for team members.
Team members have modify rights on folders 1, 2, 3 with explicit deny on 4 & 5
I have setup the group policy to allow access to folder 1, 2, 3, 4, 5 for team leaders.
Team leaders have modify rights on folders 1-5
I have setup the group policy to allow access to folder 2 for volunteers.
Volunteers have traverse folder and list folder on the root share folder and modify rights on folder 2.
When I map the drive as volunteer I am correctly displayed the folder 2 and its subsequent sub folders.
The above is setup and works fine.
The odd behavior starts when I've tried to allow volunteers access to folder 3.2 & 3.3 and their subsequent subfolders.
I've given the volunteers traverse and list folder rights to folder 3 and given them modify rights on folder 3.2 and 3.3
I would've expected this to give me folder 3 when the share is connected with only 3.2 and 3.3 displayed but it hasn't.
I can however connect to folder 3.2 and 3.3 directly but cannot traverse 3 to get to them.
Example:
Share
> 1
> 2
-> 2.1
-> 2.2
> 3
-> 3.1
-> 3.2
-->3.2.1
-->3.2.2
-> 3.3
--> 3.3.1
--> 3.3.2
--> 3.3.3
-> 3.4
> 4
> 5
What am I missing?
I have a Server 2012 DC for a customer providing network shares. ABE is enabled on the shares.
I have setup the group policy to allow access to folder 1, 2, 3 for team members.
Team members have modify rights on folders 1, 2, 3 with explicit deny on 4 & 5
I have setup the group policy to allow access to folder 1, 2, 3, 4, 5 for team leaders.
Team leaders have modify rights on folders 1-5
I have setup the group policy to allow access to folder 2 for volunteers.
Volunteers have traverse folder and list folder on the root share folder and modify rights on folder 2.
When I map the drive as volunteer I am correctly displayed the folder 2 and its subsequent sub folders.
The above is setup and works fine.
The odd behavior starts when I've tried to allow volunteers access to folder 3.2 & 3.3 and their subsequent subfolders.
I've given the volunteers traverse and list folder rights to folder 3 and given them modify rights on folder 3.2 and 3.3
I would've expected this to give me folder 3 when the share is connected with only 3.2 and 3.3 displayed but it hasn't.
I can however connect to folder 3.2 and 3.3 directly but cannot traverse 3 to get to them.
Example:
Share
> 1
> 2
-> 2.1
-> 2.2
> 3
-> 3.1
-> 3.2
-->3.2.1
-->3.2.2
-> 3.3
--> 3.3.1
--> 3.3.2
--> 3.3.3
-> 3.4
> 4
> 5
What am I missing?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER