It just has all sorts of permissions added to it some folders are inherited others are not and it’s a complete mess.
I basically just want to lockdown the share and folders to bare minimum,
For example I don’t personally want anyone in the company to be able to navigate and read the share and it’s contents. I just need the minimal required permissions for packages (drivers, applications, osimages to be created from that share.
So what access needs to be on the source folder share.
And then under NTFS what accounts I need to add permission and what level permission.
So for example Sccm administrators would have modify ntfs permission.
What other accounts need access to the share and ntfs permissions.
So does the network access account for example need to be in either.
Does System need to be in the ntfs permissions?
Does the AD computer account for the site server needed to be added to the share or ntfs permissions? Etc etc
Thank you for the reply. What needs read access on the share and what permissions for NTFS so I need to have in place?
For example, what accounts need to be listed on the share and what accounts need to be on NTFS for it to work.
So I know for example on NTFS you would have a group of users who create packages etc to have wrote access to these locations, but I just wondered what accounts like the server AD accounts need to be on these with what level of access
Share:
Everyone = Full
NTFS:
Local Admins = Full
System = Full (because the source directory is on the primary site server?)
SCCM Admins = Full (users who work on sccm)
Network Accesss Account = Read
I do I need to add the primary site servers AD computer account to this aswell?
Would this stop everyone except those stated in NTFS from being able to see the contents within the subfolders of the source share?