We have an interesting problem for the forums. We have implemented Distributed File Services for managing our shares.
SecurityGroupA has similar ACL assignments to FolderA and FolderB.
SecurityGroupB has limited ACL assignments to FolderB.
When a member of SecurityGroupA moves a file from FolderA to FolderB, the file does not not inherit from FolderB. We believe the issue is the DFS link gets redirected, but since the file's physical location doesn't actually move so no ACL changes happen and SecurityGroupB cannot see the file.
If we break folder inheritance, then reapply inheritance to all child objects, this "fixes" ACL assignments and SecurityGroupB can see the file.
One process I am considering is enabling file auditing and using event log "file creation" to trigger an ACL refresh script. That's about as far as I have got to developing the process, though.
Has anybody with DFS implementations run into this? If so, how did you address the ACL refresh?
Thanks,
CS