permissions

[Guest]

Archived from groups: microsoft.public.win2000.security,microsoft.public.windows.server.general,microsoft.public.windows.server.security (More info?)

I set up an enironment with 1 Win2k3 AD server and some desktops. On the
server I set up a directory (called Data) that will store users' personal
data (aka - home drives). Inside the Data folder, there is a seperate
folder for each user (ie - John, Harry, Sue). On the Data folder, I gave
the Everyone group full control. On each individual folder underneath the
Data folder, I gave each user full control to their own folder.

Now, when I copy their old data from their old server to the new AD server,
that data has only read only permissions. In their old environment, they
were not in a domain model, they were in a workgroup model.

So, the question is, why did the "full control" permissions I set on the
folder not take effect on the data that I copied from the old server to the
new server?

Also, is there a primer on the web somewhere that I can refer to to
understand Permissions better under Win2k3?

Thanks!

 

[Guest]

Archived from groups: microsoft.public.win2000.security,microsoft.public.windows.server.general,microsoft.public.windows.server.security (More info?)

Assuming that you have only a small number of users, say 10 or less, and you
probably aren't concerned so much with why it happened but how to fix it, if
you go into the permissions for each user directory, uncheck the "Allow
permissions from parent ro propegate to this object box" (assuming you don't
want the Everyone - Full Control from the Data folder to go down into each
user's directory), then check the box to replace permissions on all
objects/containers/whatever beneath this. I think you need to go into the
advanced screen in NTFS sercurity for the second option. That should set up
the files and directories correctly. If you need to do say 200 or 2000
users, there are command line tools that can do this, just post back if
that's the case.

As for file permissions, the general rule is, if the file is created,
copied, or moved from another drive, it gets the permissions of the
directory it is placed into. If it is moved from the same drive, it retains
the existing permissions.

-Will

"Fred Hammond" <freddhammond@yahoo.com> wrote in message
news:OlUkc%23QzEHA.1392@tk2msftngp13.phx.gbl...
> I set up an enironment with 1 Win2k3 AD server and some desktops. On the
> server I set up a directory (called Data) that will store users' personal
> data (aka - home drives). Inside the Data folder, there is a seperate
> folder for each user (ie - John, Harry, Sue). On the Data folder, I gave
> the Everyone group full control. On each individual folder underneath the
> Data folder, I gave each user full control to their own folder.
>
> Now, when I copy their old data from their old server to the new AD
server,
> that data has only read only permissions. In their old environment, they
> were not in a domain model, they were in a workgroup model.
>
> So, the question is, why did the "full control" permissions I set on the
> folder not take effect on the data that I copied from the old server to
the
> new server?
>
> Also, is there a primer on the web somewhere that I can refer to to
> understand Permissions better under Win2k3?
>
> Thanks!
>
>
>