+ Post New Thread
Results 1 to 6 of 6
Wireless Networks Thread, Random all users home folders available! in Technical; We have our year groups separated into different folders on the file server, i.e. Year 11's have a folder called ...
  1. #1
    theeldergeek
    Guest

    Random all users home folders available!

    We have our year groups separated into different folders on the file server, i.e. Year 11's have a folder called (for example) home11$, Year 10's home10$ and so on.

    Within those folders are the students home folders. A typical path to a home folder is \\server_name\home11$\username.

    We connect the students to their home folder (an 'N' drive) using Active Directory profile properties.

    Recently, and randomly, when a student opens their 'N' drive, they are able to see all other students folders, and have read/write access.

    Students should only have access to their own 'N' drives.

    A profile reset usually resolves this problem, although the problem has repeated itself for some students.

    Just in the early stages of investigating what's going wrong, so could anyone give me a suggestion as to what might be causing this to happen?

  2. #2
    danrhodes's Avatar
    Join Date
    Sep 2008
    Location
    Wath Upon Dearne
    Posts
    1,514
    Thank Post
    157
    Thanked 181 Times in 150 Posts
    Rep Power
    68
    Have you got anywhere with this yet I would love to know any more details?

    Have you tried sharing each user folder instead and settings perms on both the home folder and the share for that particualr user.

    D

  3. #3
    theeldergeek
    Guest
    Quote Originally Posted by danrhodes View Post
    Have you got anywhere with this yet I would love to know any more details
    No real progress yet. What we are having to do is set permissions for each user for each home folder.

    Although we are still getting incidents of students being able to see other students folders, they now can't actually access them.

    Previously they could both see and access the folders. We were getting some of the little darlings deleting other students work!

    If anyone has any idea, anything, please put it down!

  4. #4

    Join Date
    Feb 2006
    Location
    Derbyshire
    Posts
    1,381
    Thank Post
    181
    Thanked 211 Times in 171 Posts
    Rep Power
    65
    Quote Originally Posted by Tx2online View Post
    No real progress yet. What we are having to do is set permissions for each user for each home folder.

    Although we are still getting incidents of students being able to see other students folders, they now can't actually access them.

    Previously they could both see and access the folders. We were getting some of the little darlings deleting other students work!

    If anyone has any idea, anything, please put it down!
    Sounds like you have some NTFS permissions issues - if the only thing you have set up is the share permission e.g "year11$" - modify then try and map a student to "\\server\year11$\joebloggs" they will always be able to see, access and modify work in "\\server\year11$\anyfolder"

    You also need correct NTFS permissions on the subfolders - share permissions and NTFS permissions are not the same thing. You need both for 'belt and braces' type security. The only way the situation described could be occurring is if the NTFS permissions are not set on the home folders within the main share for each year group.

    eg.

    \\server\year11$\joebloggs - rw for joebloggs, full for admin/system, r for teachers
    \\server\year11$\johnsmith - rw for johnsmith, full for admin/system, r for teachers

    johnsmith cannot then access joebloggs folder and vice versa, even via share browsing.

    When you have the NTFS permissions set correctly, my suggestion would be to install "Access Based Enumeration" on your server - this will hide any folders the user does not have read access to.

    http://www.microsoft.com/windowsserv...rview/abe.mspx

    If you want to quickly set the permissions on your users home folders and they have the same folder name as user name, you can use a calcs script.

    This is the one I use to quickly reset the permissions on our staff profiles -

    for /D %%I in (*) DO XCACLS "%%I" /T /G BUILTIN\ADMINISTRATORS:F "NT AUTHORITY\SYSTEM":F "%%I":C /Y

    This goes in a .bat file in the root folder where the profiles are stored. In English, it says "For every directory in this folder, take the folder name and apply RW permissions for the user with the same name as the folder, also add full control for Administrators and System"

  5. #5

    Join Date
    May 2007
    Location
    Birmingham
    Posts
    170
    Thank Post
    9
    Thanked 45 Times in 36 Posts
    Rep Power
    28
    I had this problem when i moved the users home folder to a different server i added
    NET USE H: \\server name\Users folder\%username% into the logon script i use and removed the home folder setting in AD

  6. #6
    k-strider's Avatar
    Join Date
    Oct 2006
    Location
    Gloucester
    Posts
    358
    Thank Post
    7
    Thanked 40 Times in 30 Posts
    Rep Power
    24
    when i moved folders in the past i used NT backup to backup and then restore them that way it keeps the security permissions

    I need to run something like that script over our folders because we have directory listing / traverse folder set for authenticated users all the way down the tree from home.-> yearjoined->Username and sometimes the kids think they have found a big loophole when they are browsing down someone else's folder structure... till i point out when they try and open a file or delete a file it goes access denied :-)

    Still i'd like to remove the Traverse right down at the Username Level..



SHARE:
+ Post New Thread

Similar Threads

  1. random named folders appearing in my docs
    By jjohnsoncantell in forum Windows
    Replies: 26
    Last Post: 3rd March 2010, 03:00 PM
  2. Should I use iSCSI for home folders?
    By johnnyTechy in forum Hardware
    Replies: 4
    Last Post: 12th January 2009, 06:05 PM
  3. Moodle: Users home folders
    By timbo343 in forum Virtual Learning Platforms
    Replies: 15
    Last Post: 15th July 2008, 04:38 PM
  4. Replies: 0
    Last Post: 20th August 2007, 03:20 PM
  5. Replies: 7
    Last Post: 26th January 2007, 01:15 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •