Secure shared folder?

[game_over]

I'm trying to share a folder over a network that only 3 users should be able to access... i setup full permissions for the 3 users and then set the entire user group to deny all, but it's throwing an error saying deny permissions always take priority so if a user has allow permissions and is part of the group that is denied, then they'll be denied.

So how can i deny an entire organisational unit of 50 users, while allowing 3 of them full access?

Windows server 2008

[Daedroth]

I think if you only add the three users into the security permissions and give them full access, that will be enough. By not adding in the other users of the OU, that means they aren't allowed into that folder because they aren't on the access control list. I think that's the case any way.

[1ON]

As above. Just ensure that the 3 users have full access and the general Windows system accounts. This will deny all other users access.

[Dan~]

Create a security group, add the users into the group, then give permission to ONLY that group, well have admin/system.

Try not to add the three individually, it'll work, just not good practise

[game_over]

As easy as that ey? Thanks guys it's working :)

[+BudMan MVC]

"Try not to add the three individually, it'll work, just not good practise"

3 users seems a bit low to require creating a group.. Yes I agree for large numbers of users you would create groups to house them and use for assignment of permissions.. But I don't agree with assessment of 3 being a large number ;)

[sc302 Veteran]

So you want to hide a folder, leaving the folder in the main group and allow only certain users access to that folder? If you have a 2008 server we can do that, it is a bit of a process but can be done (I do that here). Deny always takes precidence over allow, never deny anything.