question

RickSomeone-1151 avatar image
0 Votes"
RickSomeone-1151 asked RickSomeone-1151 answered

Setting folder permissions...

I'm wondering, in some sort of magic trickery, if a folder can have permissions set
AS the user signs on.

Each time a new user logs onto a pc, it creates a folder, user\appdata\local. I wonder if there is some script that would add permissions to each folder as one became available.
GPO is out.

I have a run-once registry change that turns off Caps on Panasonics, just once, per user.
I kept getting it on the first time, then the next sign on as the same person turned it off.
I also don't know what all the Tags refer to at the bottom, so this may not be the right area to post this.
So I have that working. It took way too much thought to get it working.

This folder is only created as a user signs on and has a particular program installed.
Ex: Office is on the pc. A new user signs on and it activates their suite. But if the log onto another pc w/o Office, it is not even invoked.

Just wondering.....

windows-10-general
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi,

I would like to check if the reply could be of help? If yes, please help accept answer, so that others meet a similar issue can find useful information quickly. If you have any other concerns or questions, please feel free to feedback.

Best Regards,
Joan

0 Votes 0 ·

Hello,

I would like to check if the replies in this blog could be of help? If yes, please help accept answer, so that others meet a similar issue can find useful information quickly. If you have any other concerns or questions, please feel free to feedback. Your support is really important to our work.

Best Regards,
Joan

0 Votes 0 ·
jiayaozhu-MSFT avatar image
0 Votes"
jiayaozhu-MSFT answered RickSomeone-1151 commented

Hi,

Thanks for posting on our forum!

Firstly, I think your question is related to storage and maybe a little bit of Active Directory and I work for storage, so I think I can try to help you in storage part.

Secondly, I am not sure if I understand your requirement correctly: each time when your users log in, a folder will be created in your local drives and everyone can get access to the folder. Am I right?

Your Environment and demand: you have many users and your own computer is the Domain controller for the whole group, and each user account is added into your domain, then you want each user can create their own folder in your local drives and store their files in their own folders. Besides, you can grant permissions to all of your users to get access to these folders.

If the above description is correct. Then you can just use NTFS permissions or work folder to achieve your goal.
1) NTFS permission. This is probably the easiest way to configure user access to your local drives while keeping your local drives safe from other people. You just need to add the user accounts that you want them to access local drives. See these articles:
https://www.varonis.com/blog/ntfs-permissions-vs-share/

https://blog.netwrix.com/2018/05/03/differences-between-share-and-ntfs-permissions/

(Please note: the information posted on this link is hosted on a third-party server. Microsoft does not guarantee the accuracy or effectiveness of the information.)

2) Working folder. It is a Windows Server-based file server role service that provides users with a consistent way to access their work files from their computers and devices. See this article:
https://docs.microsoft.com/en-us/windows-server/storage/work-folders/work-folders-overview

Besides, if you decide to adopt any of my suggestions, keep in mind that you need to format your local drives as NTFS.

Thanks for your support! And I would appreciate it if you could help me Accept Answer to support my work.

BR,
Joan


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

My question is:

Each time a user signs on who has specific software installed, has a folder in user\appdapta\local*folder name* created when they launch the software.

When we pre-build a pc, we log on as them and go to the folder that was created.....and give authenticated users full-control.


I found some writing about how to turn off Numlock on Panasonic models. First it would turn off Numlock, but the next sign-on, it would turn it back on. So the admin\ntuser.dat file could be set in advance (run-once reg key).

I was hoping that something like mounting the default user .dat file and loading the registry hive would work (like the run-once does). I use DISM to mount the WIM file. Then open regedit on the WIM and load the registry hive for the admin\ntuser.dat, make registry changes, then unload the hive. Save WIM. Done. But with this being a folder permission issue, I don't know if that can be done.

0 Votes 0 ·
jiayaozhu-MSFT avatar image
0 Votes"
jiayaozhu-MSFT answered

Hi,

Thanks for your rely!

Firstly, I am quite suprised of what you did, it was a really novel way and is beyond my knowledge. Our forum can only try our best to give you some general resolutions provided by OFFICAL Microsoft tools and methods.

Secondly, in view of your demands, I still recommend you with some customized scripts. But your method can be investigated to some extent, and I will keep this blog open to the public, hope there will be some professionals in your field to leave their suggestions. In addition, I will keep track on this issue and will go to ask some of our senior engineers about your condition.

Thanks for your understanding! And I would appreciate it if you could help me Accept Answer to support my work. This action can alsp help your blog automatically be put on top of our forum, in which way can people who are professional in this issue get access to this blog more quickly.

Have a nice day! : )

BR,
Joan


If the Answer is helpful, please click "Accept Answer" and upvote it.

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RickSomeone-1151 avatar image
0 Votes"
RickSomeone-1151 answered

As time permits, I will test the run-once for the folder, I'm just not sure how to give permissions to a folder "as" it gets created (when the user logs on).

We manually sign on as the user, then go way into a folder path and give that inner folder permissions for authenticated users. Hard to do when the folder isn't there yet.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.