ollybuba
asked on
AD Users Have Access to Folder Shares Other Than Whats Listed In AD Users and Computers
I have a few users that somehow have access to some folder shares other than what they have access to stated in AD under the "Member Of" tab. My folders have security groups which are what I tie the users to. I have also checked the folder shares to make sure that the users were not listed under groups nor security groups they were added in.
Any suggestions as to how I can fix this issue?
Thanks!
Any suggestions as to how I can fix this issue?
Thanks!
ASKER
The Maintenance-NTFS picture is the setting for all shared folders including the folders this user isn't able to view and shouldn't.
Maintenance-NTFS.JPG
Maintenance-Permissions.JPG
Member-Of.JPG
Maintenance-NTFS.JPG
Maintenance-Permissions.JPG
Member-Of.JPG
If you changed the permissions recently, be sure to have those users logoff then logon.
ASKER
I have not changed any settings recently.
You are certain that these users are not for any reason members of the servers local Administrators group? Either directly of through membership of another group?
Also of course that they are not domain admins.
Also of course that they are not domain admins.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I've checked a user and they are not part of any group that Enum says has permissions to that share.
Is it an entire folder of files or just certain files? e.g. say you have c:\main. Under that you have subfolder1 with some files. Also subfolder2 with some files.
Maybe all files in subfolder2 is exposed but not files in subfolder1.
Or, just certain files affected all over the place?
Maybe all files in subfolder2 is exposed but not files in subfolder1.
Or, just certain files affected all over the place?
ASKER
It would be for an example c:\maintenance. As in the parent directory.
Users will not be able to see something if they do not have permissions. Are these shares/folders visible to ALL users or just those in groups PLUS one or two others?
Can you paste some screen shots of share permission and ntfs permissions and group membership of a user that should not have access?
We could guess all night but without seeing something it will be a long process.