Jan 09 2023 09:07 AM
We have 2 users that need modify permissions to this folder \\domainname\netlogon\push, running on Windows 2019 DC. With my administrator account I can add/delete files/folders. When I add the developer accounts and give them modify rights and view "effective permissions" it shows they only get read/list rights which matches the same permissions for the authenticated users group. I also tried setting permissions using the full path on one of the DC's c:\windows\sysvol\sysvol\domainname\SCRIPTS\push and it replies with "You are about to change permission settings on system folders. This can reduce the security of your computer and cause users to have problems accessing files. Do you want to continue" - so I cancel by clicking NO
Any ideas on how we can get these permissions applied?
Jan 09 2023 10:45 AM
Modifying the \sysvol permissions is asking for troubles. The share permissions are what prevents writing - which are set to Read. To allow writing to NETLOGON, have your users to access its content via SYSVOL share.
rather than connecting to
\\DC\Netlogon
have them connect to
\\DC\SYSVOL\somedomainname.com\Scripts
Jan 09 2023 11:25 AM
Jan 09 2023 11:39 AM
Something here could help.
Unable to Access SYSVOL and NETLOGON folders from Windows 10 | Windows OS Hub (woshub.com)
Jan 09 2023 11:50 AM
Jan 09 2023 12:09 PM
The new folder you created is just inheriting permissions from above. Sounds like you have two options; modify the permissions structure of sysvol (not recommended) or elevate the user permissions. Seeing's as they're trusted to edit files here if it were me, I'd take the second option.