Thursday, March 26, 2015

Setting Access Permissions on Shared Folders for View Persona Management

View Persona Management and Windows roaming profiles require a specific minimum level of permissions on the user profile repository. View Persona Management also requires that the security group of the users who put data on the shared folder must have read attributes on the share.
Set the required access permissions on your user profile repository and redirected folder share.
Minimum NTFS Permissions Required for the User Profile Repository and Redirected Folder Share
User Account
Minimum Permissions Required
Creator Owner
Full Control, Subfolders and Files Only
Administrator
None. Instead, enable the Windows group policy setting, Add the Administrators security group to the roaming user profiles. In the Group Policy Object Editor, this policy setting is located in Computer Configuration\Administrative Templates\System\User Profiles\.
Security group of users needing to put data on share
List Folder/Read Data, Create Folders/Append Data, Read Attributes - This Folder Only
Everyone
No permissions
Local System
Full Control, This Folder, Subfolders and Files
Share Level (SMB) Permissions Required for User Profile Repository and Redirected Folder Share
User Account
Default Permissions
Minimum Permissions Required
Everyone
Read only
No permissions
Security group of users needing to put data on share
N/A
Full Control 
Posted by at No comments:
Subscribe to: Posts (Atom)