When deploying our server application, on Windows Sever 2008 R2, we create a folder in "C:\Program Files" with an local administrator user and change the owner of the folder to that of a particular domain user.
When the application is running under that domain user, it is denied access when trying to create a sub folder.
My assumptions are:
- That in terms of ACLs, there is little to no difference between a domain user or local user being the owner of a folder.
- That by being the owner of a folder, they have "Creator Owner" permissions.
- By being "Creator Owner", they have necessary permissions to read / write permissions to a folder without needing to may any additional ACL changes.
- That no parent folders, i.e. "Program Files" are imposing any restrictions. After all, the user is the owner and "Creator Owner".
Since the domain user can not create sub-folders in my case, could you please tell me what is wrong with my assumptions?