Windows Sharing Permissions (Windows Server 2008, Active Directory)

[Lachlan Leov]

Not sure if this is the right place but i was wondering if anyone could help me. I'm currently working for a business where a user has requested that he has the ability to add and remove users to allow access to his "confidential folders" and what not. Now the problem i have is that i don't know how to do this without adding him to the domain admins group which is obviously not the go.. Any help would be appreciated, cheers.

[+BudMan MVC]

On his folder give him full permissions.

[Lachlan Leov]

Have tried that, have also tried giving him ownership of the folder and delegating him more access in AD

[sc302 Veteran]

You have share level permissions and file level permissions. 

 

Your share level permissions, to make life easy, should allow "everyone" read and write access.  

 

Your file level permission should allow the individual user groups access to be able to read and write to the folders which should then trickle down to the files.  You may have to reset the inherit rights attribute on the folder to make sure that the parent folder rights propagate down to the child folders and files.  Ownership is irrelevant for basic file shares....it becomes relevant with redirection via gpo.