[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 220
  • Last Modified:

2003 server: Users/File Sharing/Security Questions

I have the server setup.. made a share called "share" and put a few folders in it (one for each dept), copied about 1/2 the folders over..

I assume i could now just control who accesses what by assigning users rights to the folders. However, when i go into security on the folders, i want to just give one user control, so i add then, then i take out the group "users" (which is everyone), but it won't let take that group out. so i thought i could just deny the group users, and give the users I want to have access control. But now it says that if the user i give control is in the group "users" (which they of course area), they too will be denied..

So what am i doing wrong? Should users not be a memeber of the group users? Why can't i remove the group users from the security settings for the files? how do i go about just letting one or 2 users have full control on the folder, and everyone else can't even access it. (total access denied for them).

also what group (beside the ones i create) should my users be members of. Seeing they are automatically in the group domain users and users. and some other odd ones..

all a bit conjfusing to me.

1 Solution
You have to remove inheritance for the users group.  Simply do this:

1.  Go to the security tab of the share.
2.  Click "advanced" down the bottom
3.  Uncheck the "Allow inheritable permissions from the parent to...."
4.  At the prompt choose to copy the existing permissions.
5.  You can now delete the users group and add just the permissions you need.  Or you can just assign read permissions to the users group if you need everyone to read and give that one specific user modify permissions.
6.  Remember that you need to also give that user modify share permissions.  Go to the Sharing tab and click permissions - it should already have the "everyone" group in there with Read permissions.  You can either change this to "change" and use the previous NTFS permissions to secure or you can leave everyone with READ and just add the user with change.

Hope this helps.


Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now