List folder/Read data & Traverse folder/Execute file rights
Posted on 2014-01-29
I have a Server 2012 DC for a customer providing network shares. ABE is enabled on the shares.
I have setup the group policy to allow access to folder 1, 2, 3 for team members.
Team members have modify rights on folders 1, 2, 3 with explicit deny on 4 & 5
I have setup the group policy to allow access to folder 1, 2, 3, 4, 5 for team leaders.
Team leaders have modify rights on folders 1-5
I have setup the group policy to allow access to folder 2 for volunteers.
Volunteers have traverse folder and list folder on the root share folder and modify rights on folder 2.
When I map the drive as volunteer I am correctly displayed the folder 2 and its subsequent sub folders.
The above is setup and works fine.
The odd behavior starts when I've tried to allow volunteers access to folder 3.2 & 3.3 and their subsequent subfolders.
I've given the volunteers traverse and list folder rights to folder 3 and given them modify rights on folder 3.2 and 3.3
I would've expected this to give me folder 3 when the share is connected with only 3.2 and 3.3 displayed but it hasn't.
I can however connect to folder 3.2 and 3.3 directly but cannot traverse 3 to get to them.
What am I missing?