folder redirect working, but not really. event id 112

"the security descriptor is invalid"

that error im getting in event viewer when trying move files old share new share of users redirected documents.

the server 2k8r2 , have following configured on it(*also note server read domain controller , global catlog server well, not sure if has effect on shared folder off of it).

share permissions share$
- full control

ntfs permissions:

system: full ( folder, sub , files)
creator/owner - full (subfolders , files only)
administrators: full ( folder, sub , files)
authenticated users - allow following:
    create folder/append data (apply onto: folder only) 
    list folder/read data (apply onto: folder only)
    read attributes (apply onto: folder only),
    traverse folder/execute file (apply onto: folder only)

***note not have home share setup on user profile. under profile tab of user blank, im not mapping drive anywhere.***

have turned on folder redirection in group policy

i have documents redirection settings set to:
basic > redirect everyones folder same location
create folder each user under root path

root path: \\newserver\share$ (this share have security settings above configured for)

in settings tab of redirection settings have checked:
"move contents of documents new location"  (and because need move users current documents new share.  the old share on older server are decommissioning.

"leave folder in new location when policy removed".

whats strange when the user logs in, see create username folder , documents folder under username, starts create first directory going copy over(folderabc), doesnt copy files over.

and error in eventviewer.

failed perform redirection of folder documents. files redirected folder not moved new location. folder configured redirected <\\newserver\share$\%username%\my documents>.  files being moved <\\oldserver\oldshare\usera\mydocuments> <\\newserver\share$\usera\my documents>. following error occurred while copying <\\oldserver\oldshare\usera\mydocuments\folderabc> <\\newserver\share$\usera\my documents\folderabc>: 

security id may not assigned owner of object. 

if go computer, right click documents(the old share path still there)
if manually type in new share path "\\newserver\share$\usera\my documents" , hit apply, asks if want move items new share. yes, , no problem.

why can windows, group policy fails. not not move files new destination, it doesn't change path of documents folder user either.

sorry long description. , thx in advance.

i figured out.

i ended giving full control under share permissions.(this same if gave domain users, or specific site user group)

for ntfs security gave authenticated users full control , under apply selected folder only
left following groups behind default permissions had.
creator/owner
administrators
system

Windows Server  >  Group Policy