It was my understanding that if I created a shared folder and gave everyone read rights then had NTFS rights on the folders inside the share that users would only be able to see/access the folders inside the share that they had NTFS rights to. It appears share rights are overriding NTFS rights.
c:\usershare security System, domain admins and administrators have full control
usersshare security everyone has read
c:\usershare\user1 admins and user1 have NTFS access
c:\usershare\user2 admins and user2 have NTFS access
However user 1 can access user2 data and user2 can access user1 data
What I want is everyone to see the share and only the folders they have access to within the share. I missing something simple but don't see it