nsailsb
asked on
Network Share is overriding NTFS permissions on Microsoft Server 2003
I have a website for my company’s intranet that I moved from a NT server to a 2003 server. The way it was setup on the NT server is it had a share giving domain users read only permissions and the individual parts of the site were setup with NTFS permissions to allow these users to edit their designated parts of the site.
Here is roughly how it is setup:
The share is set to:
E:\website
Our users sites are all contained within the share so they are as follows:
E:\website\site1
E:\website\site2
E:\website\site3
E:\website\site4
E:\website\site5.......
E:\website\site75
I want the users to be able to go to the share and only be able to edit their designated site. I have all of the NTFS permissions set up. But what I have run into is when I set the share to allow domain users read only rights then nobody can edit their own site and if I give domain users read and write access through the share the share overrides the NTFS permissions and allows everyone to edit any of the sites. I want to avoid changing the setup because I have over 70 sites I would have to setup and I would have to help over 120 programmers to change their process for publishing their websites.
Thanks in advance!
Here is roughly how it is setup:
The share is set to:
E:\website
Our users sites are all contained within the share so they are as follows:
E:\website\site1
E:\website\site2
E:\website\site3
E:\website\site4
E:\website\site5.......
E:\website\site75
I want the users to be able to go to the share and only be able to edit their designated site. I have all of the NTFS permissions set up. But what I have run into is when I set the share to allow domain users read only rights then nobody can edit their own site and if I give domain users read and write access through the share the share overrides the NTFS permissions and allows everyone to edit any of the sites. I want to avoid changing the setup because I have over 70 sites I would have to setup and I would have to help over 120 programmers to change their process for publishing their websites.
Thanks in advance!
Lee W, MVP
Nope, you're mistaken. Share Permissions do NOT override NTFS permissions. When connecting to a share with share permissions set, the MOST RESTRICTIVE permissions prevail. Meaning if NTFS is Full Control and Share is Read only, then users only have READ ONLY. IF NTFS is READ ONLY and Share is FULL CONTROL, then you only have READ ONLY (NTFS being the most restrictive).
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks! thats what i thought, but it was not working. So i just checked and realized the domain ID i was using to test with is in the admin group of the server and that is why it seemed like i was able to write to the folders when i didnt think i had permissions.