Link to home
Start Free TrialLog in
Avatar of itadminhelp
itadminhelpFlag for Australia

asked on

Provide full access to 1 user to Everyone's HOME drive

Home drive gets created on the share when they login first time.

Path for home drive
\\servername\share$\usershare\%username%

So when user "John" logs in the home drive folder would be
\\servername\share$\usershare\John

"John" folder gets created with no inheritance from parent permission. It gives just John and administrators permission to the folder.
I want to give user "Sam"(who is not in  administrative group ) full permission to all folders under usershare folders(Which would be home folder to all other users).

I don't want to do it manually because it will take just too long to go through each folders.

Is  there a quick way to doing it? Through Any Group policy?
Avatar of Larry Struckmeyer MVP
Larry Struckmeyer MVP
Flag of United States of America image

What are the conditions of the connection by Sam?  Both John and Sam are on the same LAN, on different computers, at the same time?

While this is technically possible, I think you should create a top level share on the root of the server and give all required users the necessary permissions and security, then have your users store files and folders that are to be shared in that share.
ASKER CERTIFIED SOLUTION
Avatar of Coralon
Coralon
Flag of United States of America image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Create a group for admins add to the root.
Add Creator Owner to the root.
Give the admins the required permissions and same for Creator Owner. Allow these permissions to propagate down the tree.

Moving forward when a user logs in for the first time the folder will be created. They are the creator owner so permissions will all be right. In addition any new admins can be added to the admins group.

As for the existing folders you will need to change the OWNER of each folder to point to the user. This can be done with a script using  icacls.exe