Solved

Windows 2008 File Permissions

Posted on 2014-04-08
3
156 Views
Last Modified: 2014-07-23
I know this is simple, but forgive me, I haven't had to work on folder permissions in years. This is what I'm trying to do.

In a school setting, I'm trying to set up a folder for each student that mounts when they log in.

I have a shared folder called Student Folders.

Underneath that, are folders for the graduating year, 2014, 2015, 2016, etc.

Inside those folders are the individual student folders. For example, inside the 2014 folder, I have folders named bjones, lsmith, etc. which correspond with their usernames.

The way I have it set up now, is that each student id belongs to a group called STUDENT. The STUDENT group has access from the top to the bottom. i.e. Student Folders --> 2014 --> bjones.

This works just fine. All of the clients are Macs, so when the student logs in, his network folder mounts on his dock.

The problem is, ALL students can get into all other students' folders. I only want a student to see his own folder. So when bjones logs in, he gets to Student Folders --> 2014 --> bjones .

Other info ...

bjones' profile in AD has the radio button selected for "connect to" set to :

\\servername\Student Folders\2014\bjones .

And again, Student Folders is set up as a shared folder.

How do I set this up so that each student sees only his own stuff?

Thanks,

Glen
0
Comment
Question by:glenj1978
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 37

Accepted Solution

by:
Mahesh earned 500 total points
ID: 39986000
So basically you have setup home directories in active directory for each users

Now you can try below

On students folder ensure that share permissions are set to change for authenticated users \

Then go to NTFS security of students folder and grant permissions to authenticated users as "List folder Contents", remove other permissions from here if you already have
Now ensure that on each year wise folder authenticated user have only "list folder contents" permissions and in advanced permissions ensure that permissions scope is limited to "This folder only"
Now further drill down to each user home drive and ensure that only respective user has got full control permissions on his home drive
If you found authenticated users full control permissions here, then probably users can access others home directories
In that case you need to remove authenticated users from every home directory folder

You may try this 1st on test users and by creating test folders and if got successful, replicate it on production home drives

Mahesh.
0
 

Author Comment

by:glenj1978
ID: 39986101
These folders are all inheriting permissions. Should they not be doing that? And should I remove the STUDENTS group in the permissions?
0
 
LVL 37

Expert Comment

by:Mahesh
ID: 39986153
Inherited permissions to whom on which folder?

Students group has got what permissions on which folder ?
According to me, The problem here is students group has got inherited permissions on all home directories causing any user can access all home directories

Your home drive permissions should be like below so that every user can get access to his home directory only.
http://support.microsoft.com/kb/555046

Mahesh.
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Scenario:  You do full backups to a internal hard drive in either product (SBS or Server 2008).  All goes well for a very long time.  One day, backups begin to fail with a message that the disk is full.  Your disk contains many, many more backups th…
I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
This tutorial will walk an individual through the steps necessary to install and configure the Windows Server Backup Utility. Directly connect an external storage device such as a USB drive, or CD\DVD burner: If the device is a USB drive, ensure i…
This tutorial will walk an individual through setting the global and backup job media overwrite and protection periods in Backup Exec 2012. Log onto the Backup Exec Central Administration Server. Examine the services. If all or most of them are stop…
Suggested Courses

622 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question