We have a domain controller, a terminal server, and a file server. The file server is where we store our files. Our programs are on the TS. On the file server we have a folder called Share that is mapped. There was a folder called Nursing P&P Manual that they wanted security changed from everyone to only 2 users having full control. I made a big mistake by doing DENY for everyone and then the two users full control. Then it appeared the folder was empty. I renamed the folder that only shows 3 folders & 5 files. We use SonicWall for backup. When I go to the backup it appears with the file renamed but it shows 71 folders and 1400 files in my backup folder. I try saving my backup to disk, flash drive, dvd, and get msg that it can't determine the space available. I even went & bought a new 12 GB flash drive and get the same msg. The folder shows it to be less than 1 GB. I assume it is because of security. Can anyone help me or do I need to contact my SonicWall support?

Right-click that folder, select Properties -> Security -> Advanced. Browse through tabs, find Owner tab and replace ownership for Administrators local group. Then you will be able to change permissions back. NEVER use Deny restriction until you're experienced systems administrator. Assign the minimum required level of Permissions for required groups only. Don't use Everyone group until you know exactly what you're doing.MCITP: Enterprise Administrator; MCT; Microsoft Security Trusted Advisor; CCNA

It has ownership for Administrators at the domain level. Do I switch it to the local level? Yes I now know not to use the DENY. Sometimes we learn the hard way. Thanks so much for your help.

Usually, we collect user accounts in global groups based on role or geographical principles. We create localgroups for resource access and assign permissions to local groups. Then, we put global groups into appropriate local groups to give access to resources. So, I would change ownership to Administrators localgroup, not Domain Admins global group. Then, just remove Deny and that's it. Try avoiding giving Full Control to non-administrative accounts because Full Control is too much — it implies Right to Change Rights. Use Modify permission when user only needs Read/Write/Delete access.MCITP: Enterprise Administrator; MCT; Microsoft Security Trusted Advisor; CCNA

When I go into permissions it shows the Everyone group as having full control. It is like the DENY never took when looking at it. Should I remove the everyone account?