HTorres
asked on
simple restriction... whats wrong?
hello
I had in nt4 200 users folders with simple restrictions working fine.
so now in w2003server I have a folders like this
enterprise\accountant
enterprise\marketing
enterprise\reports
I want only 3 people to access the "reports" folder
so I right clicked reports / properties / security
I added this 3 guys, and the administrators as full control
clic on accept and its ok,. still access everyone
okay...
so again I right clicked reports / properties / security
i went to USERS, and clicked deny into "modify".
clicked ok and then noone of these 3 guys can access...
these 3 guys are part of the users group
but they have FULL ACCESS in the permissions sheet.
why is that?
thanks in advance.
Jezz how I miss nt4.
I had in nt4 200 users folders with simple restrictions working fine.
so now in w2003server I have a folders like this
enterprise\accountant
enterprise\marketing
enterprise\reports
I want only 3 people to access the "reports" folder
so I right clicked reports / properties / security
I added this 3 guys, and the administrators as full control
clic on accept and its ok,. still access everyone
okay...
so again I right clicked reports / properties / security
i went to USERS, and clicked deny into "modify".
clicked ok and then noone of these 3 guys can access...
these 3 guys are part of the users group
but they have FULL ACCESS in the permissions sheet.
why is that?
thanks in advance.
Jezz how I miss nt4.
ASKER
thanks leew
the folder was created from barebones with this rights:
administrators full control
users full control
thats it.
----
so if mark is part of users and also part of marketing, and users has restrictions to modify, ... he can not modify ... even he has full control in the other group?
----
so i need to take mark out of users and thats it?
that wont create me other issues when login or something?
-----
the folder was created from barebones with this rights:
administrators full control
users full control
thats it.
----
so if mark is part of users and also part of marketing, and users has restrictions to modify, ... he can not modify ... even he has full control in the other group?
----
so i need to take mark out of users and thats it?
that wont create me other issues when login or something?
-----
ASKER
or should i put restrictions individually to everyother user and not in the users group?
wich one will be messier/easier?
hehehehe
wich one will be messier/easier?
hehehehe
ASKER
I removed the guys from users, and tried again with a brand new folder reports. and when I set the restriction to the users group. it blocks the 3 users again.
what am I doing wrong?
what am I doing wrong?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
that made it!
thank you leew!
thank you leew!
When you assign "deny", deny takes priority over allow, so if a person is a member of a group being "denied" then it doesn't matter if they are also in a group with allow, they are denied because deny is more important to windows.
When you set security, did you set it so that things were applied to previously existing documents and folders?