I have a folder called "scanned" which is shared. Share full access permissions for everyone. Folder security is complete access for everyone.
I have created user folders under scanned. Each subfolder has inherited permissions disabled. Permissions for subfolders are system accounts, administrator, and folder owners. All have full access. All other groups have been deleted, such as authenticated users or domain users.
The problem is that a user can watch the contents of another user folder. I've tried to explicitly deny a user in another user's folder, but this one can still browse the folder.
I discovered that an earlier computer company had made all users members of the domain administrators group. I have deleted all users from this group.
I created a new shared folder called "test" and created two subfolders for two users. I've protected the subfolders as above and have even been able to prohibit a user from accessing other users' folder, but they can still browse the denied folder .
I do not arrive. Was access control interrupted by the fact that everyone was a domain administrator? This is a Server 2016 Standard box. Thanks in advance