NTFS Permission Issue on network share

Greetings.

We have a network share, Users ... mapped as "U" drive for end users.
It's an iSCSI mapped drive on a Windows Server 2008R2 system.

The "share" is permissioned fine .... Everyone "Full"

The NTFS permissions are as follows:
-System (Full)
-Domain Admins (Full)
-Domain Users (List)

Each subfolder is permissioned only with System (Full), Domain Admins (Full), and the particular user (Full)

Every so often ... random, but maybe once or twice a year ... Domain Users, and thus the "List" permission, disappears from the root.  I do not know why this is occurring.  I am the only Domain Admin in the joint.

This is generally not an issue, because the U: drive is mapped directly to the subfolder.

This *is* an issue when some of our users need to use our web-based SSL VPN, which maps the root.  Users then browse to their own folder.  Without "List", they get an error even accessing the root.

Any ideas ?  Maybe VSS or some other process is removing Domain Users from the root.

Thanks.
-Stephen
lapavoniAsked:
Who is Participating?
 
CoralonCommented:
I would turn on auditing on that share looking for the permissions change on the object.  You can add a script to the system to sweep the eventlog frequently (say once a minute) and have it email you when the correct event occurs.  Be sure that you do *not* set that auditing permission to inherit, or you will be flooded with useless events.

Coralon
0
 
MaheshArchitectCommented:
As far as I know there is no process designed to remove existing user access from NTFS \ Share ACL

Check if you have any schedule task runs which can call utilities like ICACLs \ Subinacl \ SetAcl and removes those permissions
OR may be somebody manually do that

Above powerful utilities are able to do that

Might be you should have any standard user \ group full control permissions on share root and they might removed it accidently
U can change those permissions from full control to modify and see..
0
 
Lionel MMSmall Business IT ConsultantCommented:
I can only tel you that this happens to me too, it is very frustrating and I have been dealing with it on one of my clients servers in particular and I am the only Admin too. I too cannot find a cause or reason so although I can't offer a solution, it is not unique to you.
0
 
lapavoniAuthor Commented:
I had one task scheduled for a non-existent utility that used to monitor large file transfers. Don't think that caused the problem. I can enable auditing and wait a few months to see if/when it recurs :-)   Thanks, both.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.