Re: Windows 2003 file sharing and NTFS right
- From: xiaomei <xiaomei@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Tue, 29 Jan 2008 07:44:03 -0800
Hi, Pegasus,
One more worry is: initially I want check out the user access right and
document it and verify with each department, but now, I could not find out
the exact right each user have, then I need get the information from each
department for so many shared folder, this is not good.
Is there any tools or fast way to reset the NTFS permission to the windows
defualt, then I can recreate those accessing right.
Thanks again!
Shermaine
"Pegasus (MVP)" wrote:
Knock out the special permissions, then set simple read-only permissions:.
cacls F:\IT_EAPPS /e /t /r users
cacls F:\IT_EAPPS /e /t /g users:r
"xiaomei" <xiaomei@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:48519193-96CB-4DDB-A99B-41E3521FCFED@xxxxxxxxxxxxxxxx
Hi, Pegasus,
Thanks for your time and reply, here are the txt fie I got after execute
the
script:
User name dianalim
Full Name Diana Lim
Comment
User's comment
Country code 000 (System Default)
Account active Yes
Account expires Never
Password last set 1/28/2008 2:52 PM
Password expires Never
Password changeable 1/28/2008 2:52 PM
Password required Yes
User may change password No
Workstations allowed All
Logon script
User profile
Home directory
Last logon 1/29/2008 9:06 AM
Logon hours allowed All
Local Group Memberships *IT Team *Users
Global Group memberships *None
The command completed successfully.
F:\IT_EAPPS BUILTIN\Administrators:(OI)(CI)F
NT AUTHORITY\SYSTEM:(OI)(CI)F
BUILTIN\Administrators:F
CREATOR OWNER:(OI)(CI)(IO)F
BUILTIN\Users:(OI)(CI)R
BUILTIN\Users:(CI)(special access:)
FILE_APPEND_DATA
BUILTIN\Users:(CI)(special access:)
FILE_WRITE_DATA
Share name Resource Remark
-------------------------------------------------------------------------------
F$ F:\ Default share
G$ G:\ Default share
C$ C:\ Default share
ADMIN$ C:\WINDOWS Remote Admin
D$ D:\ Default share
IPC$ Remote IPC
DevUtil D:\Development Utilities
Download D:\Download
FAX D:\FAX
Con_Confidential
F:\Con_Confidential
Con_Public
F:\Con_Public
IT_Backup
F:\IT_Backup
IT_Contract
F:\IT_Contract
IT_EAPPS
F:\IT_EAPPS
IT_ESOL F:\IT_ESOL
IT_Probation
F:\IT_Probation
IT_Public
F:\IT_Public
MAX C:\MAX
ofcscan C:\Program Files\Trend Micro\Security Server\PCCSRV
The command completed successfully.
The syntax of this command is:
NET SHARE
sharename
sharename=drive:path [/GRANT:user,[READ | CHANGE | FULL]]
[/USERS:number | /UNLIMITED]
[/REMARK:"text"]
[/CACHE:Manual | Documents| Programs |
None ]
sharename [/USERS:number | /UNLIMITED]
[/REMARK:"text"]
[/CACHE:Manual | Documents | Programs | None]
{sharename | devicename | drive:path} /DELETE
The user acc is dianalim, who is under IT Team group and users group. both
groups have the right as I describled in my initially mail. the shared
name
is the same as the windows folder name.
Many thanks again!
Shermaine
"Pegasus (MVP)" wrote:
"xiaomei" <xiaomei@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:62750D60-9475-4FF8-A2BA-7E3CFDBFB6E4@xxxxxxxxxxxxxxxx
Hi, There.
We are in workgroup network environment. ( No domain). One windows 2003
server served as file server, I have some problem of the file access
permission:
1. One shared folder named Folder1
2. Shared permission to Group1 with allow permission for full control,
read
and changed
3. NTFS right is give to Users Group with read, list folder content and
read
& Execute
4. Bob is put in Both Group1 and users group.
Q: What is Bob's Network access right for Folder1.
I Thought Bob should has read access only, however, when I tried to
network
login with bob acc, I can even create & delete data from the folder.
The
server was setup by others who is no longer with the company, is there
any
other setting on the server which overwrite the windows file sharing
setting?
Many thanks in advance!
Shermaine
Let's see some hard evidence about your user's access rights!
1. Log on as Administrator on your 2003 server.
2. Assuming D:\Folder1 is the problem folder, execute
these commands from a Command Prompt:
net user Bob > c:\test.txt
net groups 1>>c:\test.txt 2>>&1
net localgroups 1>>c:\test.txt 2>>&1
cacls D:\Folder1 1>>c:\test.txt 2>>&1
net share 1>>c:\test.txt 2>>&1
net share xxx 1>>c:\test.txt 2>>&1
notepad c:\test.txt
3. Post the contents of this file.
Note: You must replace xxx with the real name of the share
that points to d:\Folder!
- Follow-Ups:
- Re: Windows 2003 file sharing and NTFS right
- From: Pegasus \(MVP\)
- Re: Windows 2003 file sharing and NTFS right
- References:
- Windows 2003 file sharing and NTFS right
- From: xiaomei
- Re: Windows 2003 file sharing and NTFS right
- From: Pegasus \(MVP\)
- Re: Windows 2003 file sharing and NTFS right
- From: xiaomei
- Re: Windows 2003 file sharing and NTFS right
- From: Pegasus \(MVP\)
- Windows 2003 file sharing and NTFS right
- Prev by Date: Re: Windows 2003 file sharing and NTFS right
- Next by Date: Re: Windows 2003 file sharing and NTFS right
- Previous by thread: Re: Windows 2003 file sharing and NTFS right
- Next by thread: Re: Windows 2003 file sharing and NTFS right
- Index(es):
Relevant Pages
|
