Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium


Microsoft Best Practices for Share permissions on a Windows Server 2000/2003.

Posted on 2005-04-28
Medium Priority
Last Modified: 2010-04-18

I have searched and not come up with an "official" resource for the MS Best Practice for file shares and the appropriate permissions.

I am looking for a link to a Microsoft web resource on best practices for setting up file shares and folder permissions.

The scenario is:

A small office has a single File and Print server.
Three user types:
1) Supervisors - create forms and templates for everyone to use in their job functions. They use these forms as well.

2) Users - should be able to open a form, enter data, and then save it to Projects folder under the appropriate job folder.

3) Clients-are able to login to the domain with an account named "client" to go through hands on tutorials, practice how to use a computer in a one on one environment, etc..

|        |__BBonds
|        |__MMcGuire
|       |__SFGiants
|       |__OakAs
|___ etc..

Question by:pdxsrw

Expert Comment

ID: 13892494
Do you have a Novell or Microsoft network? There is no Supervisor in MS only in Novell. If you have a MS network you have the option of setting restrictions on the share or on the folder. Personally I set authenticated users full access on the share and then I decide on the folder level what NTFS rights every group of users should have. What I always do is to remove the everyone group from the folders and replace it with either a specific group or authenticated users. The thing is to choose one way of setting rights and usually you are to restricted in options with the share permissons so it is easier to go with the NTFS permissions.

Accepted Solution

veaceslavz earned 189 total points
ID: 13892975
Best practices for Shared Folders from MS
The most problems appears not from tehnical implementation, but organizational things/changes.
LVL 18

Assisted Solution

luv2smile earned 186 total points
ID: 13894128
When you talk about file/folder permissions in windows 2000+ then you are really talking about 2 kinds...NTFS and share permissions. It is important to understand the difference between the two. As said above by joe, best practice is usually to grant a large group (such as authenticated users) full access to share permissions and use NTFS permissions to control your access.

For what you want to do, you will need to set NTFS permissions.

Here are a couple links for learning about the two:



Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So you have two Windows Servers and you have a directory/folder/files on one that you'd like to mirror to the other?  You don't really want to deal with DFS or a 3rd party solution like Doubletake. You can use Robocopy from the Windows Server 200…
Organizations create, modify, and maintain huge amounts of data to help their businesses earn money and generally function.  Typically every network user within an organization has a bit of disk space to store in process items and personal files.   …
Look below the covers at a subform control , and the form that is inside it. Explore properties and see how easy it is to aggregate, get statistics, and synchronize results for your data. A Microsoft Access subform is used to show relevant calcul…
How can you see what you are working on when you want to see it while you to save a copy? Add a "Save As" icon to the Quick Access Toolbar, or QAT. That way, when you save a copy of a query, form, report, or other object you are modifying, you…

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question