Question
-
Topic
-
Am I doing this right, Shared Folder Permissions SBS2003?
LockedHi There –
I work at a very small nonprofit organization and have been handed the task of replacing our server. It is running SBS2003 Premium and I wanted to verify that I went about setting this up right in terms of access to the shared folders.
We are setting up a domain w/o My Documents redirection. I would like the users themselves to be able to install software on their computer. And want to setup shared folders on our D drive.
My intentions are to have 3 folders on the D drive setup to share 1 for our computer lab that allows access to Staff Members (Staff); Management (Special Staff), and our clients (Lab User) – all can create, modify, open etc…; A Staff Shared Folder, that can be accessed by Staff Members to save, create, edit share documents etc… and a secure data folder that only Special Staff can access NOT lab users; all folders etc… should not be able to be accessed unless they are a member of these 3 groups.
I setup 3 security groups:
Staff
Special Staff
Lab UserI then created 3 User Templates:
Staff Member (Added security groups: Staff, Domain User)
Special Staff Member (Security groups: Staff, Special Staff, Domain User)
Lab User (Lab User, Domain User)QUESTION 1: for some reason, in the Properties > Member of, Administrator Template and Power User Template have been added automatically. Is this correct or should I remove these?
Question 2: I then created 3 shared folders on the D: Drive; Staff Shared Folders, Lab Shared Folders, Secured Data
D: Drive is setup with Security (Full Control for Administrators and System, all check boxes unchecked for Domain Users)
Lab Shared Folders – Sharing/Permissions (Domain Users = Full Control); Security (Administrators/Staff/System=Full Control; Lab User = All check boxes EXCEPT Full Control/Special)
Staff Shared Folders – Sharing/Permissions (Domain Users = Full Control); Security (Administrators/Staff/System = Full Control; Lab Users = Deny)
Secured Data – Sharing/Permissions (Domain Users = Full Control); Security (Administrators/System/Special Staff = Full Control; Lab Users = Deny)
I have read a lot in the SBS 2003 administrators companion and online and have been having a hard time wrapping my mind around this. If someone could help point out if these setting are correct for what I want to do, I would greatly appreciate it!
Justin