ACL Read & Change Permissions Puzzling me!!???
Im finding something really hard to get my head around regarding ACL on my share folder
Basically im setting a mapped drive from a share,
now ive got my users in a Global group and got my ACL group setup as Domain Local group, so as you can imagine i place my global users within the domain local group for the share so they can save work to the mapped drive!
its all works. but i dont want them to see file permissions when they right click on a file or folder. (petty i know) but im sure it can be done.
so far the only permissions set are administrators and system group full control and my ACL domain local group only has
Traverse Folder / Execute File
List Folder / Read Data
Read Extended Attributes
Create Files / Write data
Create Folders / Append Data
Write Extended Attributes
there is no where in the ACL of the drive have i set
for the ACL Domain Local group for my users. not even on the root of the drive.
so when i goto login as a user they can access the drive. create files and folders this is fine and delete is fine too. but if i right click on the any file or folder i can read permissions
if i create a folder or file directly from the share on the server under administrator. i got back to the client computer and log in as a users and it denies me to read permissions. which is what i want
it seems that if a users creates a file or folder they can read permissions but if its created by administrator on the server they cant!
ive even checked on the effective permissions and the
are ticked but i cant see where it is inheriting this from!
am i missing something here?
BTW my share permission is set to change and not full control for the users