Windows 2008 r2 how to restrict access to a folder?

H

HighMan2019-09-03 22:40:23

RDP

HighMan, 2019-09-03 22:40:23

Hello Lord!
All users work on RDP!
Let's say we have a Documents directory. There are user directories, such as: "Ivanov", "Petrov", "Sidorov" and the "General" folder. It is necessary that ONLY the user Ivanov has access to the "Ivanov" folder, ONLY the user Petrov has access to the "Petrov" folder, etc. Everyone has access to the Public folder.
Of course, you can list all users in the "Security" folder "Ivanov" and deny them access, but this is somehow clumsy.
I don't understand why, but in Windows "prohibition" takes precedence, and if you give the "Users" group a ban on access to a folder, then it doesn't matter what permissions the users have. Everyone will be denied access.
How to make sure that only those users and groups that have access to the folder have access to the folder, and all the rest (by default) do not have access? "Didn't have" means they couldn't even go into someone else's folder.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Anton Matushkin, 2019-09-03
@Nanto

In Windows, no permission is a "soft" deny, and a direct deny is a "hard" or forced deny that takes precedence over all granted permissions.
You need to give the desired user the required permissions on the folder, and for other users and groups to which they belong, permission to remove, and not set an outright ban.