I have to say that I have reported the same problem in Windows Server 2012 Essentials as I had reported it two years ago for SBS Standard 2011 and SBS Essentials 2011. Unfortunately also in this case I had from Microsoft people the answer, that this is »feature by design«.
The explanation of the problem is simple. In any Microsoft environment, administrator does not have the access to other users’ redirected folders. For me, this is a right approach (of course the user can have in this folder some private data and we must leave them as that). The same thing is in Essentials server; administrator, in the way of browsing on server, is not able to access to other users’ folders.
We can see, that this is the same approach like in other products and is the same approach as is in server environment at least since Windows server 2000. It gives privacy and confidence to all users for their data, because they are secure.
In other way,if you try to access to the same data true RWA,you will get a surprise. You can access to all users’ folders, and also to any shared folder.
It does not depend on security settings, it is simply accessible. Do you think, that this will help to inspire confidence in users? I don’t think so.
What does Microsoft say? They are sure, that this is a small environment, where administrator must have access to data for support reason (OK, but to private files?). I might try to understand them, but this state as is now, sounds like “Sorry Mr. User, I cannot help you from your office. If you like my help, I can do this from home.” This is not a clear situation. In most cases you cannot access to personal data like in “real systems”, but it exists a work around (which is not a trusted computing approach). We have two very different types of understanding what are and how to secure users personal data. This is not the right way and I think that is not clearly defined what administrator can do and what he can’t do.
So once again, please let me know what do you think about this and also tell the same things to Microsoft people via connect site or forums. It will be the best thing for us and our customers..
Elvis, I agree with you.
This is problem. In small environments security is also very important.
Nobody, include administrators must not have access to users folders.
From my point of view this is a bug and should be fixed.
Vojko