|Subject:||AD trust and folder permission|
|Posted by:||dkblee (dkbl…@discussions.microsoft.com)|
|Date:||Mon, 20 Jul 2009|
hi! We created an one way trust between our hq and branch office (different
forest, HQ created outgoing trust, and branch created incoming trust). I've
created a domain local group and add in the group created by the hq into my
branch office's domain local group.
I've shared a folder and (sharing permission everyone full access) set the
security permission to enable the hq group read access to the local shared
folder. I noticed that the user within the hq group can actually create and
made any changes in the shared folder i created in the branch office. It
seems that the security setting doesn't really take effect. I also noticed
that the folder created by the hq group's user will have full access in the
subfolders (the user in the hq group becomes the owner of the file/folders
created by them and the hq group still show read only access in the security
permission tab). Is this normal? My objective is to let the user in the hq
group to have access to my local shared file server instead of using my local
domain account and the hq domain account.
Please advise. Thanks.