Jre19611
asked on
Windows 2012 Folder Permissions Issues
we have a windows 2012r2 file server and setup a shared folder on drive d: to all our users that have a profile setup in active directory to connect to their H: drive. It was orginal on a Windows 2008 server and moved it to the new Windows 2012r2 server and having issues with permissions. The folder tree is on drive d: and its \share\drives\faculty\ and then the user name. What permissions do i need to give the folder so that only that user has access to his or her folder inside of \share\drives\faculty and no one elses.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
The current permissons are as follows on the Windows 2012 server Faculty folder.
Under security tab it shows: system; administrator@domain; faculty@domain; administrator@local; administrators@local;
no old server to go by.
Under security tab it shows: system; administrator@domain; faculty@domain; administrator@local; administrators@local;
no old server to go by.
You'll want to view those permissions in the Advanced permission window (click advanced when viewing the security tab). Edit Faculty@domain and make sure that one is set so it applies "Only to this Object". If you don't want administrator accounts to be able to read the files in each folder, make sure all the other settings are the same. Add CREATOR OWNER to the permission list and grant it read and write permission, then make sure each folder is owned by the user it belongs to.
CREATOR OWNER will be special permissions
SYSTEM will be full control
Faculty will be full control
Domain admins group will be full control
Administrators group (server\Administrators will be full control
You can loop back later and edit permission on the admin accounts that you don't want to be able to get into users folders , but domain and or enterprise admins will need access to them.
SYSTEM will be full control
Faculty will be full control
Domain admins group will be full control
Administrators group (server\Administrators will be full control
You can loop back later and edit permission on the admin accounts that you don't want to be able to get into users folders , but domain and or enterprise admins will need access to them.
Do you still have the 2008 server? You can check how the structure of that share was originally setup.