On the new redirection folder created, Set Share Permissions for the Everyone group to Full Control.
Use the following settings for NTFS Permissions:
- CREATOR OWNER - Full Control (Apply onto: Subfolders and Files Only)
- System - Full Control (Apply onto: This Folder, Subfolders and Files)
- Domain Admins - Full Control (Apply onto: This Folder, Subfolders and Files)
- Everyone - Create Folder/Append Data (Apply onto: This Folder Only)
- Everyone - List Folder/Read Data (Apply onto: This Folder Only)
- Everyone - Read Attributes (Apply onto: This Folder Only)
- Everyone - Traverse Folder/Execute File (Apply onto: This Folder Only)
- for the everyone users go to advance options to get the above permission options – these will show as special permissions
Pay attention when configuring the home directory or folder redirection policies. If you enable the setting to give the user exclusive access to the folder, you will override the inherited permissions and need to reset the ACL.
If the users’ folder does not show up when you go to the shared location e.g. \\server\folderredirection
even though the GP is applying, but it does show in the actual location of the folder - remove the ‘folderredireciton’ share and re-apply the initial share permission.
Note: this set up will only give admins access to the top level folder – you will not be able to drill into the users’ folders.