Re: Windows 2003 file sharing and NTFS right

Tech-Archive recommends: Fix windows errors by optimizing your registry

Knock out the special permissions, then set simple read-only permissions:

cacls F:\IT_EAPPS /e /t /r users
cacls F:\IT_EAPPS /e /t /g users:r


"xiaomei" <xiaomei@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:48519193-96CB-4DDB-A99B-41E3521FCFED@xxxxxxxxxxxxxxxx
Hi, Pegasus,
Thanks for your time and reply, here are the txt fie I got after execute
the
script:

User name dianalim
Full Name Diana Lim
Comment
User's comment
Country code 000 (System Default)
Account active Yes
Account expires Never

Password last set 1/28/2008 2:52 PM
Password expires Never
Password changeable 1/28/2008 2:52 PM
Password required Yes
User may change password No

Workstations allowed All
Logon script
User profile
Home directory
Last logon 1/29/2008 9:06 AM

Logon hours allowed All

Local Group Memberships *IT Team *Users
Global Group memberships *None
The command completed successfully.

F:\IT_EAPPS BUILTIN\Administrators:(OI)(CI)F
NT AUTHORITY\SYSTEM:(OI)(CI)F
BUILTIN\Administrators:F
CREATOR OWNER:(OI)(CI)(IO)F
BUILTIN\Users:(OI)(CI)R
BUILTIN\Users:(CI)(special access:)

FILE_APPEND_DATA

BUILTIN\Users:(CI)(special access:)

FILE_WRITE_DATA



Share name Resource Remark

-------------------------------------------------------------------------------
F$ F:\ Default share

G$ G:\ Default share

C$ C:\ Default share

ADMIN$ C:\WINDOWS Remote Admin

D$ D:\ Default share

IPC$ Remote IPC

DevUtil D:\Development Utilities
Download D:\Download
FAX D:\FAX
Con_Confidential
F:\Con_Confidential
Con_Public
F:\Con_Public
IT_Backup
F:\IT_Backup
IT_Contract
F:\IT_Contract
IT_EAPPS
F:\IT_EAPPS
IT_ESOL F:\IT_ESOL
IT_Probation
F:\IT_Probation
IT_Public
F:\IT_Public
MAX C:\MAX
ofcscan C:\Program Files\Trend Micro\Security Server\PCCSRV

The command completed successfully.

The syntax of this command is:


NET SHARE
sharename
sharename=drive:path [/GRANT:user,[READ | CHANGE | FULL]]
[/USERS:number | /UNLIMITED]
[/REMARK:"text"]
[/CACHE:Manual | Documents| Programs |
None ]
sharename [/USERS:number | /UNLIMITED]
[/REMARK:"text"]
[/CACHE:Manual | Documents | Programs | None]
{sharename | devicename | drive:path} /DELETE

The user acc is dianalim, who is under IT Team group and users group. both
groups have the right as I describled in my initially mail. the shared
name
is the same as the windows folder name.

Many thanks again!

Shermaine




"Pegasus (MVP)" wrote:


"xiaomei" <xiaomei@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:62750D60-9475-4FF8-A2BA-7E3CFDBFB6E4@xxxxxxxxxxxxxxxx
Hi, There.
We are in workgroup network environment. ( No domain). One windows 2003
server served as file server, I have some problem of the file access
permission:

1. One shared folder named Folder1
2. Shared permission to Group1 with allow permission for full control,
read
and changed
3. NTFS right is give to Users Group with read, list folder content and
read
& Execute
4. Bob is put in Both Group1 and users group.

Q: What is Bob's Network access right for Folder1.
I Thought Bob should has read access only, however, when I tried to
network
login with bob acc, I can even create & delete data from the folder.
The
server was setup by others who is no longer with the company, is there
any
other setting on the server which overwrite the windows file sharing
setting?

Many thanks in advance!

Shermaine

Let's see some hard evidence about your user's access rights!
1. Log on as Administrator on your 2003 server.
2. Assuming D:\Folder1 is the problem folder, execute
these commands from a Command Prompt:
net user Bob > c:\test.txt
net groups 1>>c:\test.txt 2>>&1
net localgroups 1>>c:\test.txt 2>>&1
cacls D:\Folder1 1>>c:\test.txt 2>>&1
net share 1>>c:\test.txt 2>>&1
net share xxx 1>>c:\test.txt 2>>&1
notepad c:\test.txt
3. Post the contents of this file.

Note: You must replace xxx with the real name of the share
that points to d:\Folder!





.

Relevant Pages

  • Re: Network shares cannot connect
    ... User Name: SERVER$ ... Regarding the shares accessing problem, I suggest you try following steps ... let's focus on the Users Shared Folder first. ... To check this permission, please click the Advanced button, select ...
    (microsoft.public.windows.server.sbs)
  • Re: Network shares cannot connect
    ... Changed value to 0 just waiting to re-boot the server and test logins. ... Workstation Name: - ... let's focus on the Users Shared Folder first. ... To check this permission, please click the Advanced button, select ...
    (microsoft.public.windows.server.sbs)
  • Re: Network shares cannot connect
    ... Changed value to 0 just waiting to re-boot the server and test logins. ... Workstation Name: - ... let's focus on the Users Shared Folder first. ... To check this permission, please click the Advanced button, select ...
    (microsoft.public.windows.server.sbs)
  • RE: Documentation of servers, directories, software ???
    ... If the parent folder has the proper permission and you have configured the ... Microsoft Global Technical Support Center ... we just lost track of that the end users put on on the server. ...
    (microsoft.public.windows.server.migration)
  • Re: Windows 2003 file sharing and NTFS right
    ... department for so many shared folder, ... who is under IT Team group and users group. ... server served as file server, I have some problem of the file access ... Bob is put in Both Group1 and users group. ...
    (microsoft.public.windows.file_system)