none
Folder Redirection move changes NTFS permissions

    Question

  • I am in the process of migrating my users to a new file server. The folder structure of the new file server is wildly different, so to simplify the move, I am letting Group Policy move each redirected folder to the new location when the user logs on (by checking the "Move the contents of <FolderName> to the new location" option).

    The move works fine, however during the process, the NTFS permissions are changing. The original location has the user account itself granted Full Control of the root folder, and inheritance propagates that permission to all subfolders and files. The new folder created by Group Policy on the destination server is different. The user has Full Control, but only for "This object only"... on all subfolders and files. The net result is effectively the same.

    The problem occurs when it comes to scanning. Our scanners are configured with a service account that has permission to save files directly into the user's Documents folder. In this case, the service account owns the file. Since the user has been granted "This object only" access to all objects, they don't have access to the newly created file.

    Is there any way to change this behavior so I don't have to touch each and every redirected folder for each and every user after they have been migrated?

    Wednesday, March 04, 2015 6:29 PM

Answers