[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1057
  • Last Modified:

List folder/Read data & Traverse folder/Execute file rights

Hello,

I have a Server 2012 DC for a customer providing network shares. ABE is enabled on the shares.

I have setup the group policy to allow access to folder 1, 2, 3 for team members.
Team members have modify rights on folders 1, 2, 3 with explicit deny on 4 & 5

I have setup the group policy to allow access to folder 1, 2, 3, 4, 5 for team leaders.
Team leaders have modify rights on folders 1-5

I have setup the group policy to allow access to folder 2 for volunteers.
Volunteers have traverse folder and list folder on the root share folder and modify rights on folder 2.

When I map the drive as volunteer I am correctly displayed the folder 2 and its subsequent sub folders.
The above is setup and works fine.

The odd behavior starts when I've tried to allow volunteers access to folder 3.2 & 3.3 and their subsequent subfolders.

I've given the volunteers traverse and list folder rights to folder 3 and given them modify rights on folder 3.2 and 3.3
I would've expected this to give me folder 3 when the share is connected with only 3.2 and 3.3 displayed but it hasn't.
I can however connect to folder 3.2 and 3.3 directly but cannot traverse 3 to get to them.

Example:
Share
> 1
> 2
-> 2.1
-> 2.2
> 3
-> 3.1
-> 3.2
-->3.2.1
-->3.2.2
-> 3.3
--> 3.3.1
--> 3.3.2
--> 3.3.3
-> 3.4
> 4
> 5


What am I missing?
0
purpleoak
Asked:
purpleoak
  • 2
1 Solution
 
purpleoakAuthor Commented:
Found the solution by doing the following:

volunteers given read for this folder only on 3
volunteers given traverse and list for this folder, subfolders and files on 3
volunteers given full control to folders 3.2 and 3.3
0
 
purpleoakAuthor Commented:
found the answer myself by testing thoroughly on my server locally
0

Featured Post

SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now