asked on

Share and NTFS permissions in Windows

I have a question about shared and NTFS permissions in Windows 2012. I have a main folder called Company and under it I have Accounting and IT. I need user A to have access to Accounting and user B to have access to accounting and IT. I can get everything to work but I need user A to not see the IT drive in the Company folder. I don't know how to do this. All users should only see drives they have access to and not see other drives in the Company folder.
Here is how I have assigned permissions: Company folder Shared with Everyone -Full Permissions and for NTFs permissions Domain Admins -Full , and Domain Users - Read.

Accounting folder has sub folder DEPT- DEPT gets full Admin and then USer A and B gets Modify (NTFS permissions)
Accounting- NTFS permissions- User A and B gets read.

IT folder has sub-folder DEPT- DEPT gets full Admin and then User B gets Modify (NTFS permissions)
IT Folder- NTFS permissions- User B gets read.

Goal is for user A to only see Accounting and it's contents and not see IT. User B should see and access both accounting and IT.

NVIT

What's the Share and Ntfs security settings on the IT folder itself?

Ntfs settings of IT folder should not have Domain Users, Authenticated Users, or Everyone

NVIT

Best practice is to put users into groups. Then, give groups ntfs permissions to folders

ASKER CERTIFIED SOLUTION

Seth Simmons

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

William Fulks

If you want them to "not see" a folder then put it elsewhere. Otherwise, it won't really matter if they see it so long as they are denied permission to open it. You're question seems to be more about visibility than access, right?

anosh11

ASKER

All thanks for all the help but Seth Simmons you hit the nail on the head for me. This is what I was missing. Thank you for the support.