Share: Everyone has full control NTFS
under NTFS: Authenticated users (modify) Local admins (Full COntrol) CREATOR OWNER (only special permissions is checked, if I go to advanced it says it has full control, but it will not allow me to apply it if I simply check full control) SYSTEM (Full Control) Local server users (read and execute, write, special permissions) ________________________________ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, July 16, 2009 9:48 AM To: NT System Admin Issues Subject: RE: Terminal Services Profiles Verify these permissions at your profiles$ share: Everyone - Full control share permissions NTFS: creator owner - full control, subfolders and files only local system - full control, this folder, subfolders, files whatever user group you create for ts users - list folder/read data, create folders/append data, this folder only >>> "Owens, Michael" <michael.ow...@dys.ohio.gov> 7/15/2009 3:02 PM >>> I think I may of explained my problem incorrectly, now that I look at what I wrote. I have the GPO set to create a TS roaming user profile in \\server\profiles$<file://\\server\profiles$> Everyone, and authenticated users have access to that share, and the changes propogate to child objects. The permissions appear to be correct, because when the user logs on, there is a folder created called \\server\profiles$\username.domain.v2<file://\\server\profiles$\username.domain.v2> however, when I look at the desktop of the user logged in, he gets an error saying the profile cannot be created. But, it created the folder! I look at the rights of the folder that it created on its own, and the local administator, the user accountm and SYSTEM all have full control to that folder. As the user, I can navigate out to it and create a file and a folder inside the profile folder it created for itself. ________________________________ From: Owens, Michael [mailto:michael.ow...@dys.ohio.gov] Sent: Wednesday, July 15, 2009 11:43 AM To: NT System Admin Issues Subject: RE: Terminal Services Profiles Yes. I have the "Set path for TS Roaming User Profile" set. I am trying to create them on a larger share, and it is working... kind of. The folder gets created, so it is clear the account has access to that folder, but it doesn't create a profile in that folder, it creates a temporary profile locally. ________________________________ From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Wednesday, July 15, 2009 11:18 AM To: NT System Admin Issues Subject: Re: Terminal Services Profiles Are you using TS profiles? I have a GPO set on the Terminal Servers OU, and that sets profiles to be stored on a large share, and allows profiles to be cached on the TS servers as well. That's in the TS 2008 Resource Guide. I don't have it handy but can get more details if you need it. >>> "Owens, Michael" <michael.ow...@dys.ohio.gov> 7/15/2009 10:07 AM >>> All - I have TS profiles, configured through GP. The GP works, as it actually creates the profile when the user logs on, as it is supposed to. However, the folders remain empty and I recieve errors that the profile cannot load correctly. Any thoughts? Mike ________________________________ This message, and any response to it, may constitute a public record and thus may be publicly available to anyone who requests it in accordance with Chapter 149 of the Ohio Revised Code. Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ________________________________ This message, and any response to it, may constitute a public record and thus may be publicly available to anyone who requests it in accordance with Chapter 149 of the Ohio Revised Code. ________________________________ This message, and any response to it, may constitute a public record and thus may be publicly available to anyone who requests it in accordance with Chapter 149 of the Ohio Revised Code. Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ________________________________ This message, and any response to it, may constitute a public record and thus may be publicly available to anyone who requests it in accordance with Chapter 149 of the Ohio Revised Code. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
