Re: NTFS permissions are ignored on a share.

Tech Tip: Click here to run a free scan for Windows Errors and optimize PC performance

Pegasus (MVP) wrote:
"mnmis" <mnmis@xxxxxxxxxxx> wrote in message
news:ejsjIxedHHA.4916@xxxxxxxxxxxxxxxxxxxxxxx
Pegasus (MVP) wrote:
"mnmis" <mnmis@xxxxxxxxxxx> wrote in message
news:O3wdqbedHHA.1388@xxxxxxxxxxxxxxxxxxxxxxx
I have been trying to setup a share on a Windows 2003 server.

I have the share's permissions set to everyone and when I set the NTFS
permissions on the share or any subdirectory, they are ignored.

Any ideas on how to get this to work?

Thanks.
What do you mean with "are ignored"? People being refused
access? If so then it is not a case of the NTFS permissions
being ignored but a case of your share permissions not being
set to "Full access for everyone". These are two independent
mechanisms!


Sorry for the confusion.

Ignored means that the NTFS restrictions do not work. Everyone can see
every folder and file on the share.

I cannot restrict users from seeing folders or files at all.
It is like the NTFS permissions are not there.

Please put some meat on this bone by doing this:
1. Log on as a restricted user.
2. Start a Command Prompt.
3. Navigate to the parent folder whose subfolders are meant
to be inaccessible to this user.
4. Pick a subfolder name. I will assume the name is "ABC".
5. Type these commands:
net user %UserName% > c:\test.txt
cacls ABC >> c:\test.txt
dir ABC 1>>c:\test.txt 2>>&1
md ABC\test 1>>c:\test.txt 2>>&1

Now post the contents of c:\test.txt.



Here is the output.

C:\Documents and Settings\testfin>net user testfin
The user name could not be found.

More help is available by typing NET HELPMSG 2221.

cacls command gives me this

Z:\MIS BUILTIN\Administrators:(OI)(CI)F
CREATOR OWNER:(OI)(CI)(IO)F


dir mis gives me this

Volume in drive Z is Local Disk
Volume Serial Number is 9024-C01B

Directory of Z:\mis

04/03/2007 10:49 AM <DIR> .
04/03/2007 10:49 AM <DIR> ..
04/03/2007 10:49 AM <DIR> New Folder
0 File(s) 0 bytes
3 Dir(s) 131,006,431,232 bytes free


md command works and creates the folder

The net user command is the only failure.
.

Relevant Pages

  • Re: Unable to delete orphaned 1.5 GB System Restore folder
    ... The fact that the tech support is based in India has nothing to do with the ... If so you may want to leave this folder alone. ... down to all children folders because i can set those permissions to ... try deleting from the command line using system by using the AT ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Unable to delete orphaned 1.5 GB System Restore folder
    ... The only computers i fix are my own. ... If so you may want to leave this folder alone. ... it includes all subdirectories with inherited permissions. ... try deleting from the command line using system by using the AT ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Unable to delete orphaned 1.5 GB System Restore folder
    ... You did not give any info on if you checked file permissions or not. ... information folder being a perfect example of one and by default only system ... Using the attrib command does more than you suggested because ... Restore files and how to turn that off for files no longer used by System ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Help with cacls in WinXP Home
    ... Take Ownership of a File or Folder in Windows XP ... all the information I have of CACLS: ... Just because you can set permissions with Cacls doesn't mean you should. ... Try the Cacls command on a test folder first and make sure that your ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Unable to delete orphaned 1.5 GB System Restore folder
    ... all subdirectories with inherited permissions. ... rights to the folder and all subdirectories. ... It's clear that neither of you know how System Restore protects its files. ... Using the attrib command does more than you suggested ...
    (microsoft.public.windowsxp.security_admin)