Add NTFS permissions to share - best practices?
I'm working on a new hire workflow and am trying to create the new user's share on our file server and give them permissions to the share, but I'm having difficulties.
The "Create Directory" component works flawlessly, but I need to give the newly-created user full rights to that directory. I've found the "Add User to Share" component in the Active Directory components doesn't seem to work at all, and the "Set File/Folder System Rights" works intermittently.
In this example, say I created \\server\share$\username upstream in the workflow.
Using Set File/Folder System Rights, I configured it as such:
- Path Type = Folder
- Folder = Dynamic value: \\server\share$\[samaccountname_variable]
- User = Dynamic value: [samaccountname_variable]@domain.local
- Rights = FullControl
Half the time this component works, the other half it doesn't. I've placed pauses in the workflow beforehand, thinking that things didn't finish getting created before this component hits, but that doesn't seem to be the issue.
Using Add User to Share, I've tried to configure as such:
- Shared folder input source: Unc Path
- Shared Folder UNC Path = Dynamic value: \\server\share$\[samaccountname_variable]
- User Name or SAM or UPN: [samaccountname_variable] OR [samaccountname_variable]@domain.local
- User Domain Admin Credentials = Checked
- Permission Level = Full
This follows the Error path and the ActiveDirectoryError variable is "Not found" in every situation.
How do you handle this?