Our corporate fax machine is set to not print out the faxes but create a PDF of the incoming fax and place it into a directory on our file server. Our receptionist is responsible for monitoring this folder and distributing the faxes to the appropriate people.
I am in the process of setting up a new file server running Server 2012 R2. My folder structure is as follows:
- HQ Incoming
I currently have a "Receptionist" group. This group is a used as a role group and contains the user Emily as the member of the group. I then have another group titled "ACL_Reception_Edit" that is used as a rule group. The member of this group is the "Receptionist" role group. The "ACL_Reception_Edit" group is then given modify permissions on the "Reception" share. This then allows Emily to read and write to the "Reception" share as she should be able to . This follows the Role-Based Management philosophy and is working as intended.
As a recap...incoming faxes are automatically saved as PDFs in the "HQ Incoming" directory. When Emily sees a new fax in this folder, she emails the PDF to the appropriate person and then moves the file into the "Distributed" folder.
The problem lies in the fact that when Emily is not at work then Mary is responsible for monitoring the incoming fax folder and distributing the files appropriately. However, Mary is not a receptionist and should not have access to any of the other folders and files within the "Reception" directory besides the "Faxes" folder and any subfolders under that directory.
Is it possible to have Mary go into the "Reception" folder and see no files or folders besides the "Faxes" directory? If so then what permissions need to be set for this to happen?