Permission settings for home folders - TechRepublic
Question
August 5, 2009 at 07:10 AM
cassiusaugusta

Permission settings for home folders

by cassiusaugusta . Updated 16 years, 11 months ago

Since the other thread died out, (see https://www.techrepublic.com.com/5208-1035-0.html?forumID=101&threadID=314408&messageID=3130578 ) and this is a separate issue than the original reason why it was created, I’ve started a new question.

The situation:
Students are able to UNC to the current home folder share and browse other user folders. (Same deal with teachers).

The solution:
A test-bed where I limit permissions & access to other folders

The setup:
Hard drive partitioned so that the staff & students have their own, separate space for quota management.

Staff$:
Sharing permissions:
Domain Administrator, Domain Admins, Domain Users, Technology : Full control
Students: Deny

NTFS Permissions:
Domain Administrator, Domain Admins, Technology, System, Creator Owner : Full Control
Domain Users: This folder only: List folder/Read Data

So here’s the issue currently: I can set it up so that users cannot UNC to the share path, but when I use AD to populate the home directory mapping, it populates the Server Administrator, and then users can UNC to another users home folder.

Example:
TestTeacher can UNC to TestTeacher1 and create or delete documents after the folders have been populated in AD.

If I go in and uncheck inherit permissions from parent and remove the server admin, then it all works PERFECTLY as planned.

BUT – I cannot MANAGE this solution, since I have some odd 1500 users to deal with!

Please help out with suggestions & solutions! Thanks!

This discussion is locked

All Comments