[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

NTFS Permissions on Server 2008 R2, allowing access to subfolder only

Posted on 2014-02-07
6
Medium Priority
?
1,401 Views
Last Modified: 2014-02-15
Hi,
I have inherited a really messy file server and am having problems getting the right access to  user to a subfolder.

Have a Departments Share. Inside that share there are a large number of sub folders that don't have any individual share, just NTFS permissions.

Have an Accounting folder inside the departments share, and a folder "needs access" inside that. So I have a user I want to be able to mount the share Departments (works), then click Accounting Folder and only be able to see the list of folders underneath and then click "Needs Access folder" to which they have full access.

Thought that setting special permission Traverse Folder/Execute on folder Accounting for this user, then setting NTFS permissions on the Needs Access folder would allow this to work but when I try this the user is unable to open the Accounting Folder.

I have setup a share directly to the "Needs Access" folder to get around this but would like to get this setup correctly.
0
Comment
Question by:adamant40
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 38

Expert Comment

by:Mahesh
ID: 39842733
What share permissions do you have on departmental share folder ?

It must have change share permissions to users on departmental folder, and then you need to give users list folder contents \ read, read and execute and list folder permissions on same folder with this folders, subfolders and files as a scope if you want users to access all folders underneath departmental share folder
OR
this folder only as a scope if you want that users should be able to access specific folders only underneath departmental share folder.
Further,This permissions must be getting inherited by accounting folder and then on "Need Access" folder you should give him modify \ required permissions.

May be your inherited permissions are not applying \ getting inherited by accounts folder

In that case check ownership of all 3 folders
If ownership is different, you need to take ownership of departmental folder 1st with "Replace owners on sub container" option selected so that you can apply permissions seamlessly

Mahesh
0
 
LVL 23

Expert Comment

by:Patrick Bogers
ID: 39842734
A) how is rights inheritance arranged?
Can you post screens of the ntfs and security tabs?
0
 

Author Comment

by:adamant40
ID: 39842896
Stuck on another issue, will respond when I can. Thank you for your replies.
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Accepted Solution

by:
adamant40 earned 0 total points
ID: 39847786
Well stumbled across the settings that woud give me the desired results.  
ON Accounting I did special and then
Traverse Folder
List Folder
Read Attributes
Read Permissions
and APPLY to: This folder only.
0
 
LVL 38

Assisted Solution

by:Mahesh
Mahesh earned 1500 total points
ID: 39847846
If need access is the only folder underneath accounting folder to which users need access, then you have done correct.
But again you need to give modify NTFS permissions on Need access folder with This folder, subfolder and files as apply to scope so that users can work with that folder

Mahesh
0
 

Author Closing Comment

by:adamant40
ID: 39861143
Accepted my comment as it was the exact settings that worked.
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this post we will be converting StringData saved within a text file into a hash table. This can be further used in a PowerShell script for replacing settings that are dynamic in nature from environment to environment.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…

649 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question