Roaming Profiles NTFS/Share Security

[aaronjwilkinson]

Hi

Firstly, i realise that there are a number of threads on this forum about this kind of issue...however, after having a look at probably all of them...they dont seem to fit my exact issue.

Right, i had a problem with roaming profiles some weeks ago...and it turned out to be a group policy problem in the end (doh!). Anyway, in the process of trying to fix what i thought was a permissions problem, i opened up the profiles (and home folder) areas of the staff to everyone (and by "everyone", i mean just staff). Therefore, any member of staff could effectlvly browse the home folder of any other member of staff.

After looking at the guides of how to secure profile shares, i'm a little confused...and the reason for that i because i think our folder structure is a little different to most (this was set up by the guy before me...and during the summer, it'll be getting changed)

Our folder structure for staff home folders and profiles (because at present, profiles are in the home folder of each member of staff):

\\cooperdata\cooper-users\hc_staff\"username"

Ideally, i'd like to ditch the folder called "hc_staff"...because there isnt any need for it, however, at this stage in the year...i can't.

So my question is...how do i secure this? i've tried loads of different things, but i either allow everyone to view everyones work...or access is rescricted...and any new users that i create are now able to create new profiles on their first log on (some permissions error is shown)

Any help would be great

Thanks

Aaron

(and sorry for the essay...i just like to explain my problem in full)

[tosh74]

Have a read over this article. It will help you out

Security Recommendations for Folder Redirection: Group Policy