powlaz

Hello Tech Support Forums. Thanks for having me. I'm new to the forums but should be a regular in no time

Anyway - here goes. I need a little help. Maybe I've just been dwelling on this too long. I changed the security setting for 50 folders on my server. Each of these folders was a subdirectory of a folder whose permissions allowed for Full Control by Everyone. That just wasn't going to work.

So I changed the security permissions of these subdirectories to include only the main user and the administrators group. The problem is that the permissions did not propagate to the files contained within. I now have thousands of files that nobody can access and . . . I'm need a little help with how to set the security permissions for these files.

The files/folders all reside on a server running Windows 2000 Server Std. and Active Directory (if that matters).

Thanks for the help,

Po

crazijoe

If you do not want the security settings from the parent folder, you will need to make sure you uncheck the box for "Allow inheritable permmisions from the parent to propagate to this object and all child objects. Include these with entries explicitly defined here." This is located in the advance button on the security tab of the folder properties.
This will cut off all propageted permissions from the parent folder. You can add users or groups and give them permissions that will propagate to child objects of the folder.

powlaz

CraziJoe, thanks for the suggestion. I'm a little further along -in that I have used the advanced menu to sever the relationship between these subdirectories and the parent folder. I have added "gourmet" permissions to all 50. However the permissions did not carry over to the contents inside these 50 folders. I expected that they would automatically, but they did not.

So the question is how do I get the "gourmet" permissions set on the 50 folders to trickle down to the 1000's of files contained inside them. The way that's supposed to work, didn't.

Thanks for the help,

Po

Mystery

when you go into the advanced settings of the permissions; check the box that says 'Reset permissions on all child objects and enable propogation of inheritable permissions'.

powlaz

Maybe I'll get it right this time:

http://www.newegg.com/Product/Produc...82E16813998513

Oh yeah - I do all my purchasing at Newegg so I checked my order history and found the USB 2.0 card. I knew it was from Syba but I couldn't find it in the current product listing on Newegg. Here it is:

http://www.newegg.com/Product/Produc...82E16815124007

Thanks for the help

Po

crazijoe

powlaz you lost me on that last post. It doesn't seem relevant to this thread.

powlaz

Sorry about that. Wrong thread, wrong reply, wrong forum. What a fool am I. But since I'm here . . .

I just went back to trying to fix this mess. Here's where we left off:

I have Folders 1 - 50 in Folder A

Folder A
|
Folder 1 . . . Folder 50

I reset Folders 1-50 so that they don't have access by Everyone like Folder A does. Everyone needs to get into Folder A and then only the owner of Folder 1 needs to see what's in Folder 1 (for example).

Now the owner of Folder 1 can open folder one but can't do anything with the stuff inside it. The permissions didn't transfer to the files.
If I right click on Folder 1 and go to Properties > Security>Advanced I see a window that opened to a tab that says Permissions.

In the Permissions tab I see the names of the users who can access Folder 1 and:
Type: Allow
Name: <insert username here>
Permission: Full Control
Inherited From: Not Inherited
Apply To: This Folder, Subfolders and Files

At the bottom of the window I have:

Inherit from parent the permission entries that apply to child objects. Include these entries explicitly defined here.

Replace permission entries on all child objects with entries shown here that apply to child objects.

I read option #2 as the way to go but it doesn't appear to be working. The other tabs at the top of the screen are:

Auditing, Owner, Effective Permissions.

The option you gave me CRAZIJOE isn't there. Am I looking in the wrong place?

Po

crazijoe

Example



This folder does not inherit permissions from the4 parent folder but all subfolders and child objects will have permissions listed.
You will need to uncheck the "Allow inheritable permmisions from the parent to propagate to this object and all child objects. Include these with entries explicitly defined here." This will block the inheritance of the permission from the parent folder and you will be ask if you want to copy or remove the permissions that were previously applied. If you choose remove, you will then need to add the users that will have perissions to this folder and choose what permissions they will get. I always automatically add domain admins full control no matter what. In the Permissions entry window, there is a check box you can apply that will apply these permissions to all object and containers within the folder or you can check the box "Replace permission entries on all child objects with entries shown here that apply to child objects".

powlaz

And with the same results. Your screen shot matches my description of the page I'm working on. AND the box is already unchecked on this page. But if I enter into the folder and try to open a Word document (let's say) it won't open. Furthermore the security settings for the document show that nobody is approved to open it.

When I made this change I went in and erased the users listed on the security tab. Then I went folder by folder and added a custom group I had created on the AD server and the user who would need control of that particular folder.

Maybe what I need to do is set all of the folders to inherit their permissions from the parent (in my example Folder A) and then go back and try a different way to remove everyone from being able to see into these folders. Whaddya think?

Po

crazijoe

Did you set share permissions? This is separate from security permissions.

powlaz

Hmmm. Can you elaborate (NT)

crazijoe

Go to the sharing tab. Click on the permissions button. You will need to set share permissions on the folder to let certian users or groups access to them.