Solved

List folder/Read data & Traverse folder/Execute file rights

Posted on 2014-01-29
2
993 Views
Last Modified: 2014-01-29
Hello,

I have a Server 2012 DC for a customer providing network shares. ABE is enabled on the shares.

I have setup the group policy to allow access to folder 1, 2, 3 for team members.
Team members have modify rights on folders 1, 2, 3 with explicit deny on 4 & 5

I have setup the group policy to allow access to folder 1, 2, 3, 4, 5 for team leaders.
Team leaders have modify rights on folders 1-5

I have setup the group policy to allow access to folder 2 for volunteers.
Volunteers have traverse folder and list folder on the root share folder and modify rights on folder 2.

When I map the drive as volunteer I am correctly displayed the folder 2 and its subsequent sub folders.
The above is setup and works fine.

The odd behavior starts when I've tried to allow volunteers access to folder 3.2 & 3.3 and their subsequent subfolders.

I've given the volunteers traverse and list folder rights to folder 3 and given them modify rights on folder 3.2 and 3.3
I would've expected this to give me folder 3 when the share is connected with only 3.2 and 3.3 displayed but it hasn't.
I can however connect to folder 3.2 and 3.3 directly but cannot traverse 3 to get to them.

Example:
Share
> 1
> 2
-> 2.1
-> 2.2
> 3
-> 3.1
-> 3.2
-->3.2.1
-->3.2.2
-> 3.3
--> 3.3.1
--> 3.3.2
--> 3.3.3
-> 3.4
> 4
> 5


What am I missing?
0
Comment
Question by:purpleoak
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
2 Comments
 
LVL 2

Accepted Solution

by:
purpleoak earned 0 total points
ID: 39818303
Found the solution by doing the following:

volunteers given read for this folder only on 3
volunteers given traverse and list for this folder, subfolders and files on 3
volunteers given full control to folders 3.2 and 3.3
0
 
LVL 2

Author Closing Comment

by:purpleoak
ID: 39818307
found the answer myself by testing thoroughly on my server locally
0

Featured Post

Is Your DevOps Pipeline Leaking?

Is your CI/CD pipeline a hodge-podge of randomly connected tools? You’ve likely got a tool to fix one problem & then a different tool to fix another, resulting in a cluster of tools with overlapping functionality. Learn how to optimize your pipeline with Gartner's recommendations

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question