Question

Locked

Permissions setup incorrectly?

By thamilton ·
Unless Im missing something [or just plain stupid], I cant figure out why I keep getting access denied errors for what Im trying to do.

Heres the scenario...

User1 is a member of notourdomain.com but has been setup with a vpn client that connects to our internal server called \\Fileserver under the account Fileserver\User1.

1. User1 wants to use folder "B" which is a subfolder of folder "A".

2. Folder "A" contains subfolders that we do not want User1 to view or access, other than folder "B" of course..

3. In the Security tab of folder "A", I have denied the following permissions for User1:

Modify
Read & Execute
List folder contents
Read
Write

4. In the security tab of folder "B", I have allowed the following permissions for User1:

Modify
Read & Execute
List folder contents
Read
Write

5. I have also unchecked the "Allow inheritable from the parent to propogate this object and all child objects" options.

So, from User1's workstation, I have mapped a network drive to \\Fileserver\A\B using the "connect as a different user" option with the credentials Fileserver\User1. When User1 tries to add a new item to the "B" folder, they get an "Access is denied error". I have viewed the effective permissions tab for folder "B" and it says that "User1" has write permissions. What am I missing?

This conversation is currently closed to new comments.

3 total posts (Page 1 of 1)  
Thread display: Collapse - | Expand +

All Answers

Collapse -

4 questions.

by deepsand In reply to Permissions setup incorre ...

1) What OS(es) is(are) here involved?

2) Is the problem only with a "Write" that is attempting to create a new file?

3) Does the problem vanish if you remove the restrictions re. User1 from Folder A?

4) Does the same problem occur for local clients, or only for the vpn one?

Collapse -

Child inherits from Parent

by CG IT In reply to 4 questions.

if it's Windows NTFS the child inherits permissions from the parent. The most restrictive applies. unless you block inheritance.

If the user is not allowed to read, write, modify, view the contents of Folder A but you grant permission to that user for subfolder B contained in Folder A, the most restrictive permission applies, the user is denied permission.

Collapse -

...

by Sandcrawler In reply to Child inherits from Paren ...

Sounds like folder A is the restriction, you need to allow them into folder A as so they can view folder B, but then only allow them permission to folder B and restrict access to all the other folders in there.

This will have the same effect as you want but they will be able to see the folders and not do anything with them rather than what you are trying to acheive, i think, is take them straight through to folder B.

Back to Networks Forum
3 total posts (Page 1 of 1)  

Related Discussions

Related Forums