I
iceghost
I am new to Windows 2003 Server and I am trying to set up a simple
directory structure to allow a small workgroup to access data based on
their group. I come from a Novell background and I can do all the
following very simply in Novell - but I need some help from you MS
Gurus with this one please.
I am setting up the following directory structure
C:\
Data
Accounts
Sales
Marketing
etc
I need to allow access to Accounts to the Accounts Team and so on.
I set up a security group called Accts and pulled the 2 accts people
into it.
I set up Data as a shared resource on the server.
I then went to the c:\Data\Accounts Folder and removed all inherited
rights and assigned Full rights to the administrator and the Accts
Group.
BUT with this configuration, H: (mapped to the Accounts Share) from a
PC logged in with an Accts Group account cannot access the folders.
(Access Denied)
If I let the rights from C:\Data\Accounts propagate DOWNwards, it
changes nothing.
If however I allow inherited rights from above, everything works. But
it also means ALL non Accts group users also can see everything in the
folder.
I asked a few colleagues and we didn't manage to work it out. What's
the answer anyone please... Or is the answer not to use W2003 in this
way? Shall I create several shares and assign rights to shares?
The only way I got this to work is if I explicitly set the rights by
username. But I don't want to do this for obvious reasons.
Thanks in advance.
Saeed
ì
directory structure to allow a small workgroup to access data based on
their group. I come from a Novell background and I can do all the
following very simply in Novell - but I need some help from you MS
Gurus with this one please.
I am setting up the following directory structure
C:\
Data
Accounts
Sales
Marketing
etc
I need to allow access to Accounts to the Accounts Team and so on.
I set up a security group called Accts and pulled the 2 accts people
into it.
I set up Data as a shared resource on the server.
I then went to the c:\Data\Accounts Folder and removed all inherited
rights and assigned Full rights to the administrator and the Accts
Group.
BUT with this configuration, H: (mapped to the Accounts Share) from a
PC logged in with an Accts Group account cannot access the folders.
(Access Denied)
If I let the rights from C:\Data\Accounts propagate DOWNwards, it
changes nothing.
If however I allow inherited rights from above, everything works. But
it also means ALL non Accts group users also can see everything in the
folder.
I asked a few colleagues and we didn't manage to work it out. What's
the answer anyone please... Or is the answer not to use W2003 in this
way? Shall I create several shares and assign rights to shares?
The only way I got this to work is if I explicitly set the rights by
username. But I don't want to do this for obvious reasons.
Thanks in advance.
Saeed
ì