Solved

File Sharing and Security Setting

Posted on 2014-03-18
5
303 Views
Last Modified: 2014-03-19
Some changes were made in the sharing and security of our network folders and I am unable to restore them to allow the sharing and security settings that were originally in place.

A drive was set up on a Windows 2008 server to allow various types of sharing. We want to allow a user to access their folder, add/delete/modify files and folders within their folder but no one else’s.

Drive H:\USERS\MSMITH

H:\Sharing is set to full for everyone

Users\ (Security) is set to ‘inherit’, -Read – Write (when I remove ‘write’, no one can save to their own folder but when write is added, any user can access all folders)

MSMITH\ (Security) is set to modify for msmith only.

What is the proper way to set this up? Is there a roll-back for these settings in 2008 server? THANKS
0
Comment
Question by:bizzie247
  • 2
  • 2
5 Comments
 
LVL 3

Assisted Solution

by:SandeepWalve
SandeepWalve earned 250 total points
ID: 39937669
Share Permissions should be Full for everyone
NTFS Permissions Administrators Full
Domain Admins Full
Authenticated Users Read Only (This Folder Only)

And for Individual Folders permissions should be Full so they can do the modifications for their own data only

http://blogs.technet.com/b/migreene/archive/2008/03/24/3019467.aspx
0
 
LVL 12

Accepted Solution

by:
kadafitcd earned 250 total points
ID: 39937748
This is all assuming you have Administrative or Domain Administrative privs to the User and Users folders.  If you don't then you need to make sure that you give yourself the privs and checkmark replace all child entries.  That way you don't lock yourself out.

Go into Advanced Security and Change this to have (Everyone - no control) with the checkmark on replace all child entries :

Users\ (Security) is set to ‘inherit’, -Read – Write (when I remove ‘write’, no one can save to their own folder but when write is added, any user can access all folders)

Apply it and OK it out.

Go back into Advanced Security and change it to (Everyone - Read) and uncheckmark replace all child entries and Apply it and OK it out.

Then make sure everyone has read/write privs to their own folders one by one.  

This will make sure that no one can add or remove folders from the Users Folder.  You would be surprised how many user folders will get deleted or files get moved into the Users folder by accident.
0
 

Author Closing Comment

by:bizzie247
ID: 39939845
I understood this to be the same solution, just written differently. Additionally, I had to effectively start over, using your solution. I had to re-add 'modify' to each user folder. THANKS!!
0
 
LVL 12

Expert Comment

by:kadafitcd
ID: 39940854
Just remember adding modify to Read/write on the folders gives them the ability to delete their own shared folder.  I would suggest leaving it at read/write or you may have users who accidentally delete the folders.  Sometimes being over cautious protects us from the users who really have no business using a computer... ;)
0
 

Author Comment

by:bizzie247
ID: 39941232
Thanks, will do...
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
New Windows 7 Installations take days for Windows-Updates to show up and install. This can easily be fixed. I have finally decided to write an article because this seems to get asked several times a day lately. This Article and the Links apply to…
This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…
Windows 8 came with a dramatically different user interface known as Metro. Notably missing from that interface was a Start button and Start Menu. Microsoft responded to negative user feedback of the Metro interface, bringing back the Start button a…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

16 Experts available now in Live!

Get 1:1 Help Now