I am struggling with folder permissions on server 2012, and would like some help with the following please.
I have a route folder called UMA, under that I have various sub folders like IT, HR, Business Development and so on. I have created the users and groups by department and would like to achieve the following:
1. All groups to be able to see the UAM share and sub folders within UMA
2. All groups should not be able to add any extra folders to the main UMA folder (root).
3. Only groups that the system administrator add to the each sub folders should be accessible by that one group.
4. Once that group has access to their corresponding folder they should be able to add folders but not be able to delete but can delete file with any sub folder.
I hope that explain my situation and is following best practice but if not I would be happy to take advice.
Many thank in advance.
1. Right-click the UAM folder >properties>security tab >click advanced Now take a screenshot of what you have in there.
2. Click change permissions, uncheck Include inheritable permissions from this object's parents
3. Add all the groups that need to see the UAM folder and for each group click edit and give them list folder/read data "allow"
Give SYSTEM "full control", Give your "system Administrator user or group" full control
4. For each folder for your specific groups you will do steps 1 and 2 and 3, but for the corresponding groups to their folders you will highlight the group click edit and
list folder/read data allow
create folders/append data allow
create files/ write data allow
delete subfolders and files allow
You can pretty much customize it to your liking in this section.