cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Developer access to Netlogon subfolder

rlivermore15
Copper Contributor

‎Jan 09 2023 09:07 AM

‎Jan 09 2023 09:07 AM

Developer access to Netlogon subfolder

We have 2 users that need modify permissions to this folder \\domainname\netlogon\push, running on Windows 2019 DC. With my administrator account I can add/delete files/folders. When I add the developer accounts and give them modify rights and view "effective permissions" it shows they only get read/list rights which matches the same permissions for the authenticated users group. I also tried setting permissions using the full path on one of the DC's c:\windows\sysvol\sysvol\domainname\SCRIPTS\push and it replies with "You are about to change permission settings on system folders. This can reduce the security of your computer and cause users to have problems accessing files. Do you want to continue" - so I cancel by clicking NO

 

Any ideas on how we can get these permissions applied?

3,073 Views
0 Likes
5 Replies
Reply
5 Replies
Dave Patrick

‎Jan 09 2023 10:45 AM

‎Jan 09 2023 10:45 AM

Re: Developer access to Netlogon subfolder

Modifying the \sysvol permissions is asking for troubles. The share permissions are what prevents writing - which are set to Read. To allow writing to NETLOGON, have your users to access its content via SYSVOL share.

rather than connecting to

\\DC\Netlogon

have them connect to

\\DC\SYSVOL\somedomainname.com\Scripts

 

 

0 Likes
Reply
rlivermore15

‎Jan 09 2023 11:25 AM

‎Jan 09 2023 11:25 AM

Re: Developer access to Netlogon subfolder

Hello Dave, thank you. Our alternate path is \\abc\sysvol\abc.local\scripts\newfolder but until permissions are adjusted they cannot make any changes to the "newfolder" folder. Even though the system allows me to set their NTFS permissions to modify on the folder they still can't make modifications on the folder and you're saying the share permissions are set to read which is the issue. Is there no option to get around the lockdown without adding them to the group my account belongs to which has modify access to all of the folders?
0 Likes
Reply
rlivermore15

‎Jan 09 2023 11:50 AM

‎Jan 09 2023 11:50 AM

Re: Developer access to Netlogon subfolder

Thank you for that but the developers can access the folder they just can't make any file/folder modifications within it. For example if they try to upload a file they get a message that states "you need permission to perform this action" which coincides with what I see when I check their permissions via the folders security tab "effective access" which shows they only have read/list even though I gave them modify rights
0 Likes
Reply
Dave Patrick

‎Jan 09 2023 12:09 PM

‎Jan 09 2023 12:09 PM

Re: Developer access to Netlogon subfolder

The new folder you created is just inheriting permissions from above. Sounds like you have two options; modify the permissions structure of sysvol (not recommended) or elevate the user permissions. Seeing's as they're trusted to edit files here if it were me, I'd take the second option.

 

 

0 Likes
Reply