I am having a hard time with permissions. If I try to remove inherited permissions from one person, I end up removing...
them from everyone in that folder. Sometimes I have to go directly to the file to assign permissions, other times not.
I thought if you assign permissions to a folder and selected inherit, it should filter down to all the files in that folder. Obviously I'm doing something wrong.
Note: We recently migrated from Novell to Microsoft and now we have eight servers in a Citrix environment.
When assigning NTFS permissions to an object, there are two options available on the "Advanced" tab that might be your source of confusion.
The first option is "Inherit from parents the permission entries that apply to child objects." If this check-box is enabled, the folder you're working on will receive all inherited permissions from further up the directory tree.
So if you're looking at a folder called Folder1 in the path "C: \Home \Folder1", leaving this option checked will allow Folder1 to receive any permissions that were assigned to C:\and C: \Home, as well as any permissions assigned directly to C: \Home \Folder1.
You cannot remove any permissions assigned to Folder1 via inheritance unless you disable this option. If you remove this check-mark, you are effectively turning off inheritance for this folder. When you remove this check-mark, you have the option of Copying existing permissions, or Removing all existing permissions and starting from scratch. If you remove existing permissions, you'll need to manually specify all permissions for this folder since there will be none left from the permissions inherited from C: \ or C: \Home.
The other option is "Replace Permission entries on all child objects with entries shown here." By placing a check-mark here, you're specifying that any folders under Folder1 will inherit any permissions that you assign to Folder1. Inheritance basically starts over from this point.
Dig Deeper on Windows Server storage management
Related Q&A from Laura Hunter
Active Directory expert Laura E. Hunter explains to a reader what must be done to change the default display specifiers for new users in Active ... Continue Reading
Active Directory expert Laura E. Hunter tells a reader what to keep in mind when deleting subnets associated with sites being removed in an ... Continue Reading
Active Directory expert Laura E. Hunter offers some advice for changing the IP addresses of domain controllers. Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.