Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Permissions

Status
Not open for further replies.
Hondy

Hondy

Technical User
Mar 3, 2003
864
GB
Hi

I want to create a directory tree like the following

I have a share \\server\users (everyone read/modify), with directory permissions (domain - read, modify, create)

I want to have users as follows:
\\server\users\jbloggs\
\\server\users\jsmith\

Obviously I don't want jbloggs to be able to access jsmith and vice versa.

the user folder is dynamically created when they log in by the following path in there roaming profile

\\server\users\%username%\profile

It works fine except that the users can view each others folders. I don't want to edit the permissions manually on each user, I want the inherited permissions to do it for me.

Is it possible or am I going to have to edit each new users permissions to take off domain user access?

Thanks

Hondy
 
Sort by date Sort by votes
It sounds like the permissions are being inherited from the \\server\users folder. Give basic permissions on that folder and you should then be ok. When the folder is created at first login, you find that it will inherit the base folder then add permissions for the users folder.

!!!
 
Upvote 0 Downvote
dan

Thanks for the reply. Thats how it is currently set up, the permissions are inherited in this way. The problem is that I can't make it inherit permissions specific to the users. That is, it will inherit "domain users" but this allows access from one user to the other. I can't set "jsmith" specifically to the folder without manually doing it. If I remove "domain users" then the user doesn't have permission to auto-create the folder on log on.

So it seems there is no automatic way to do it, is there?

Cheers
 
Upvote 0 Downvote
OK - have found out what is wrong with my config - it's because when you use AD to create the profile directory using %username% the folder doesn't inherit it's parents permissions. Any other directory created in the normal way does inherit, I can manually force the profile directory to inherit but I don't want to have to remember to do this for each new user.

Does anyone know how to force the permissions to inherit or to add in domain admins to the folder automatically?

Thanks
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

kurio71
  • Locked
  • Question
Clean Install of 2016 - NTFS permissions
Replies
1
Views
212
hairlessupportmonkey
hairlessupportmonkey
gbaughma
  • Locked
  • Question
Shared folder permissions
Replies
0
Views
137
gbaughma
gbaughma
kurio71
  • Locked
  • Question
Restrict Permissions on Parent Directory
Replies
2
Views
182
kurio71
kurio71
arell12
  • Locked
  • Question
NTFS permissions
Replies
1
Views
190
markdmac
markdmac
mkrausnick
  • Locked
  • Question
Can't write to folder even though Active Directory effective permissions shows full control
Replies
1
Views
216
mkrausnick
mkrausnick

Part and Inventory Search

Sponsor

Back
Top