Dear forum-members,
I have got a problem with folder-permissions (acl) on a Windows 2003 Server with Terminal Services (Citrix).
The application "Sybase" is installed on the D-drive (disk). A thrid party application needs Sybase to communicate through the sql.ini with the database. All terminal server users needs read permissions on the Sybase install directory to
use the sql.ini.
Normally every new folder on a server has the Builtin Administrators-group and System account "Full-Control" permissions and the Builtin Users-group had "Read en List" permissions. Now on the Sybase folder only the Builtin Administrators-group
en System account are at the security tab, but
not the Builtin Users-group.
When I manually set the Builtin Users-group with read permissions it okay, but after a while the Builtin Users-group is gone/deleted/removed. There is no signal that a person, proces or action removes the permissions for the Builtin Users-group. I set
Auditing on the folder, but with no result. I know for sure there is no GPO (Group Policy) that removes this group.
For now I have a dirty solution to run a scheduled task every 10 minutes that run xcalcs to set the permissions. A tried a GPO to set the permissions, after a reboot the group policy doesn't apply (only after a gpupdate /force).
Does some one of you has another proper/nice solution to force the read permissions on the Sybase folder for the Builtin Users-group?
Thanks in advance.
Greetings, Sidney