Home Folder provisioning permissions issue

I'm provisioning accounts for new users using ARS 6.9, and one of the steps is to create the home folder.  No problem.  It gets created without any issues.  We want it to inherit the parent folder permissions, and also Grant Full Access to the user on the folder.  This way a specific admin group gets rights to all folders, and the user has Full Access.

I can see in the policy properties it has boxes checked for copying permissions from the parent, and also a drop-down to grant full access.

What I'm running into seems to be a bug where the folder when created only inherits permissions, and the user who has the folder applied doesn't actually gain the full access as they're supposed to.  You can see the settings I have in the policy below.

  • The policy seems to be working fine in my lab - newly created user account gets "Full Control" permissions granted on the home folder, sub-folders and files.

    Please open a Service Request with Dell Support to get assistance with troubleshooting.

  • Are you home folders on a Windows server or a NAS?  I've seen this behavior when working against a NAS.  As far as i know ARS still does not support home folder provisioning against a NAS.

  • The folders we're creating are on a NAS, and they do get created properly.  What appears to be happening is that they can either inherit the parent folder permissions OR they can have full access to their folder, but not both.   Basically we have a parent folder that gives permission to all employees, and then the home folders belonging to our Contractor gets created under there and gives the contractor full access to their folder only.  When that folder is created, it can either give that contractor full access to their own folder, OR it can inherit that permission from the parent that allows employees access to the folder.  It's not doing both.

  • That is how ARS behaves when working with home folders on a NAS.  ARS can create the folder but will not properly apply the permissions as configured in the policy.

    I've raised this issue to support in the past and was told that it is simply not supported by the product and that enhancement requests have been logged.