Thank you for the opportunity to help you with your question!
could do it manually through the GUI or using Power shell. It should always be
done from the server that is hosting the volume or folders you want to share.
Permissions should be granted based on security groups rather than individual
We programmatically identified every unique folder and all
the groups and permissions that were applied to them. Then we turned off
inheritance and directly applied any groups that were on their ACL’s.
Then, we added new groups (Data
Privilege groups) with the same masks as the original groups and added all the
users from the corresponding old groups. Later we removed the old groups from
the ACL. This left with us with only DP groups on each managed folder.
Please let me know if you need any clarification. I'm always happy to answer your questions.