I am having trouble with permissions on my new 2008 server. Consider the following file structure:
- Engineering- IT- Accounting- Capital Projects- Systems- Financials- Ledgers
I would like to provide access to the the Engineering directory for the Engineering group (group created in Active Directory Users and Computers). I would also like this department to view the Capital Projects folder in the Accounting folder. The same applies to the IT deptarment and Systems folder in the Accounting folder. I would like the Accounting group to have access to the full directory of accounting with exception of the Financials folder which should be accesible by the CEO and CFO. I would also like to be able to use Access Based Enuration so that the folders that users do not have access to are not visible to them.
The only way I have been able to find so far is to give the users full share permissions on d:\departments, and NTFS Security Read, Write, List Folder contents on the departments they need to see, then on each folder I don't want them to see, deny them all rights. This is obviously tedious and does not help when a new folder is created.
Can anyone provide help with this?