Profile Containers store user information in VHD(X) files. These files are stored in a network location. Profile Containers and Office Containers can automatically create the folders and files needed. To avoid security issues, user permissions must be created to allow users to create and use a profile, while not allowing access to other users’ profiles.
Per FSLogix documentation (https://docs.microsoft.com/en-us/fslogix/configure-per-user-per-group-ht), the following is recommended:
User account | Folder | Permissions |
---|---|---|
Users
This Folder Only
Modify
Creator/Owner
Subfolders and Files Only
Modify
Administrator (optional)
This Folder, Subfolders and Files
Full Control