Link to home
Start Free TrialLog in
Avatar of Indyrb
IndyrbFlag for United States of America

asked on

permission questions

I have users that have access via the authenticated users group with both read\write permissions.

Once we figure it out, we only want the authenticated users to be able to traverse to the folder the have permissions to

and not list the other folders...

so lets say share is in server1\DEPT

DEPT share could have 100 folders, I only want them to see what they have access to...

Also some servers are 2003, 2008, 2012

If a user has list permissions, does that mean they can open and read files if they exist in the root folder DEPT?

We might want users to be able to traverse and list -- but not open and read/write subfolders, and definately not files in root or anywhere they dont have access too.

so a few parts
Is list/read the same thing  2003,2008,2012
what does having traverse and list do
how to eliminate folders they dont have access to -- enumerate?
ASKER CERTIFIED SOLUTION
Avatar of kevinhsieh
kevinhsieh
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of Lionel MM
Lionel MM
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
SOLUTION
Avatar of kevinhsieh
kevinhsieh
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Indyrb
Indyrb
Flag of United States of America image

ASKER

So here is a little tid bit

We have olderserver1 and we need to move to newserver1

we used robocopy, 

@echo off
cls

set src=\\oldserver1\f$\dept\
set dst=E:\Dept01\Dept\   (on newserver1)
set swt=/MIR /ZB /SECFIX /TIMFIX /COPYALL /DCOPY:T /MT:128 /XO /R:100 /W:30 /NS /NC /NFL /NDL /NP /ETA /TEE
set log=C:\temp\robocopy_Dept1_log.txt
robocopy %src% %dst% %swt% /log:"%log%"

Open in new window


No when we compare the size of the old folder it is way larger, and the files are compressed.

On the newserver the E:\ drive looks like it has a lot of content, however the Dept1 folder (right click) shows way less in size.

I assume there is folders that we don't have permissions to that is not counting the space.

Do we need to have full access to all folders when copying the data -- and then how do we fix security on the newserver1.

I agree with access enumeration on the new server, but somehow permissions are all wacked out.. not sure what is what
Avatar of Indyrb
Indyrb
Flag of United States of America image

ASKER

the robocopy doesn't recreate shares, with permissions. any vbscript or powershell you can show code or send link
SOLUTION
Avatar of kevinhsieh
kevinhsieh
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial