Link to home
Start Free TrialLog in
Avatar of pativedha
pativedhaFlag for Canada

asked on

File permissions Server 2008r2 wide open


Our organization has acquired a new network through an amalgamation. The old IT Admin was not part of the deal. Upon investigation into effective permissions of folders it's obvious that they are misconfigured, i.e. the barn doors are open.
It's a Server 2008 r2 containing a root folder C:\folderredirection that holds RDS users' data.
Below are some screen shots of the current folder permission config.

User generated image
sample user folder within C:\folderredirection

Obviously I would like to lock down folder access to admin and the folder's user.
This server will be active for only three more months but is a production environment that so I need to tread lightly in correcting this.

I very much appreciate any advice or guidance.
User generated image
Avatar of Muhammad Burhan
Muhammad Burhan
Flag of Pakistan image

There are Two types of permissions, NTFS and SMB or share permissions.

NTFS are responsible for who can write/edit or create files and folders.
where share permissions are for who can access them by share.

if NTFS permissions on 'Folder1' are on Full control to 'user1' and if Share permission is set to deny read/write access to 'user1' so ultimately 'user1' have no access to that folder on share.

the best practice is to set permissions with both perspective NTFS and Share.

if you want to give share access to only 'user1' to the folder '\\server\folder' then click on change permission on the bottom right in above screenshot and just add 'user1' in share permissions.
same procedure apply if you want to give permissions to any group like domain users etc.
Avatar of MasonWexler

Link to home
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial