Re: Share Permissions vs NTFS Permissions


"Pegasus" <I.can@xxxxxxx> wrote in message
news:e6GUq0PsHHA.4860@xxxxxxxxxxxxxxxxxxxxxxx

"Jon" <Jon@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:DC311C60-378B-403E-9F04-EBBDA55AEEC3@xxxxxxxxxxxxxxxx
Hello,

I'm struggling to understand permissions in W2k3 server standard. I have
shared a folder, 'Documents', and set the share permission for my user
group
to Read only. On a sub-folder within 'Documents' I want my user group to
have
full control so have set the folder's security permissions appropriately.
However, members of the user group are denied access.

Which set of permissions take precedence? Should I avoid share
permissions
altogether or set them in a particular way?

Apologies if this has been answered before - haven't been able to find
the
answer.

Thanks, Jon

You should set the Share permissions to "Full access" for everyone,
then tune the NTFS permissions to meet your specific requirements.

As a general recommendation this is not a good one -- sometimes it is
the right choice, but share permissions should ALSO be set by GROUP,
and set to the minimum needed for that group.

Anyone can make a mistake setting the NTFS permissions and share
permissions give us another layer of defense IF security is important to
us.

In general, "Everyone" (and similar generic groups) should seldom if
ever be used when graning ANY permissions.

Use specific groups. Give the minimum.


.

Relevant Pages

  • Re: Share Permissions vs NTFS Permissions
    ... I'm struggling to understand permissions in W2k3 server standard. ... members of the user group are denied access. ... then tune the NTFS permissions to meet your specific requirements. ... As a general recommendation this is not a good one -- sometimes it is ...
    (microsoft.public.windows.server.general)
  • Re: Share Permissions vs NTFS Permissions
    ... I'm struggling to understand permissions in W2k3 server standard. ... members of the user group are denied access. ... then tune the NTFS permissions to meet your specific requirements. ... As a general recommendation this is not a good one -- sometimes it is ...
    (microsoft.public.windows.server.general)
  • Re: NTFS and shared permissions
    ... > I have a few questions about NTFS permissions and share that I hope ... I know that NTFS permissions are applied to ... NTFS permissions are of course needed for control of accounts ... down from a more broad NTFS grant). ...
    (microsoft.public.security)
  • Re: Need Help on Assigning Specific Permissions to Shares
    ... can not be changed which would leave only ntfs permissions to control ... in groups to have necessary ntfs permissions. ... XP uses simple file sharing by default. ... > XP Pro but it doesn't say it works in Home edition. ...
    (microsoft.public.windowsxp.security_admin)
  • RE: Migrating File servers
    ... shared permissions separately. ... For NTFS permissions, we can use the Windows 2000 Resource Kit tool ... Copy all the data from the old file server to target file server. ...
    (microsoft.public.windows.server.migration)
Loading