anosh11
asked on
Share and NTFS permissions in Windows
I have a question about shared and NTFS permissions in Windows 2012. I have a main folder called Company and under it I have Accounting and IT. I need user A to have access to Accounting and user B to have access to accounting and IT. I can get everything to work but I need user A to not see the IT drive in the Company folder. I don't know how to do this. All users should only see drives they have access to and not see other drives in the Company folder.
Here is how I have assigned permissions: Company folder Shared with Everyone -Full Permissions and for NTFs permissions Domain Admins -Full , and Domain Users - Read.
Accounting folder has sub folder DEPT- DEPT gets full Admin and then USer A and B gets Modify (NTFS permissions)
Accounting- NTFS permissions- User A and B gets read.
IT folder has sub-folder DEPT- DEPT gets full Admin and then User B gets Modify (NTFS permissions)
IT Folder- NTFS permissions- User B gets read.
Goal is for user A to only see Accounting and it's contents and not see IT. User B should see and access both accounting and IT.
Here is how I have assigned permissions: Company folder Shared with Everyone -Full Permissions and for NTFs permissions Domain Admins -Full , and Domain Users - Read.
Accounting folder has sub folder DEPT- DEPT gets full Admin and then USer A and B gets Modify (NTFS permissions)
Accounting- NTFS permissions- User A and B gets read.
IT folder has sub-folder DEPT- DEPT gets full Admin and then User B gets Modify (NTFS permissions)
IT Folder- NTFS permissions- User B gets read.
Goal is for user A to only see Accounting and it's contents and not see IT. User B should see and access both accounting and IT.
Best practice is to put users into groups. Then, give groups ntfs permissions to folders
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
If you want them to "not see" a folder then put it elsewhere. Otherwise, it won't really matter if they see it so long as they are denied permission to open it. You're question seems to be more about visibility than access, right?
ASKER
All thanks for all the help but Seth Simmons you hit the nail on the head for me. This is what I was missing. Thank you for the support.
Ntfs settings of IT folder should not have Domain Users, Authenticated Users, or Everyone