This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(211.20000000000002, 87%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETC%3C/text%3E%3C/svg%3E)
Hi everyone, hope you all doing well. I have one scenario and hope you can help.
I have a window 2022 file server. There is one root folder called DEPT. User1 assigned with read/write permissions. And the permissions are propagate to all the sub-folders in the DEPT folder. Each sub-folders also have other explicit permissions assigned to other users.
Now I want to remove User1 from the root DEPT folder and all subfolders in it while I want to keep all other the explicit permissions in the subfolders.
I go to DEPT, advanced security, and hit "Change permissions". There is a box called "Replace all child object permissions with inheritable permissions from this object".
My question are
1.) should I check this box in order to keep all other explicit permission in the subfolders while I can remove USER1 from them?
2.) If I check the box, will the original explicit permissions in the subfolder be totally wiped out and be replaced with those persmissions in the root DEPT folder?
Thank you for your help.
Takami Chiro
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Sure, just find the User1 here in list and remove
Ok. I will try. Hope it will remove the user not just in that root folder but also the rest of the subfolders. Thank you very much for all your response!
Takami Chiro
Sounds good, you're welcome. The better solution may be to create a group for access and add the desired users to the group.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 48%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDS%3C/text%3E%3C/svg%3E)
Individual users should never be assigned to folders in the first place, the only exception being their User folder. Best practice is to assign permissions via groups. This is because it can be very time-consuming to find all folders with explicit user permissions assigned.
I would remove User1 from the said group that would have been created and you don't have to play with permissions of the share on the server every time a user changes (fired, quits, replaced, new position, etc.).