Link to home
Start Free TrialLog in
Avatar of Fveng
FvengFlag for United States of America

asked on

Network share log folder permissions

I've been asked by management to log IM chats.  I've already got the logon script and gpo that will edit the registry keys and point the IM client to save the log files to a network share folder that is created when the logon script is run.

Now my concern is end users snooping around the network and finding this folder and reading everyone else's IM chats.  Chances are slim that this will even be noticed but if one person finds it this could be a huge problem.

So I would like to know how to setup permissions on the log folder that will allow the script to run and create the user folder but set permission in a way that will only allow the user and domain admins to have access to their folder.  The user folder should also allow the user with access to this folder to write but not view/read/delete/edit the log files it creates in this folder.

Any help will be appreciated.
ASKER CERTIFIED SOLUTION
Avatar of NVIT
NVIT
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Fveng

ASKER

Can't this be done just using windows permissions rather than a login script?  Sorry I'm not a script guy and the correct permissions could be set on the parent folder rather than a script.
If you mean using the Security tab, you'll have to enter each user manually.

If users have full control of their folder, they should be able to manually revise the rights as needed.

The batch file in this topic must be run by the domain admin. If all your users already ran the Shoretel script from your other topic they now have a chat folder. All that's left is for you as domain admin to run this batch file once and you'd be done.