• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 285
  • Last Modified:

More Windows Share Problems, Wo is Me????

OK I asked a question the other day about Access denied to windows shares and got an awesome response, fixed the problem, now I have almost the exat opposite problem.

I have a Domain(Win 2003) with Active Directory and some big hard disc's with a bunch of files and folders on them, the folders being secured using A\D...
I can see the domain, files and folders from all computers on my network, I can map the secure folders folders using specific A\D login's but I can't seem to wirte to the folders???
Now if I make the folder a share on the network and set the permissions to the share for a specific user I gain write access for that user.
My problem is that I don't want to create 50 shares on my network. I don't understand why if I set the permissions for the user to full control, he/she can access the folder but cannot write to it?

HELP ME PLEASE
0
salsipius
Asked:
salsipius
1 Solution
 
Lee W, MVPTechnology and Business Process AdvisorCommented:
What are the share permissions - typically, the SHARE permissions should be set to EVERYONE:FULL - 2003 sets them to EVERYONE:READ ONLY.  (This is a very similar if not identical answer to your previous question but without know what exactly a given share's permissions are, I can't say).
0
 
Brian LowranceNetwork AdministratorCommented:
There are 2 types of permissions that come into play here.  Share level permissions (since we are accessing files across the network), and NTFS permissions (local permissions set on the servers hard drive).
Share level permissions are permissions that are applied when a file/folder/share is accessed over the network.
NTFS level permissions (ie: The Security tab in folder properties) are applied when a file/folder/share is accessed from the servers hard drive.  (locally and remotely).

2003 server will use the MOST restrictive permissions set.

Example:  Share name  "DATA"   Folder location:  "D:\Shared\Data"
Share permissions:  
    JDoe=Read Only.  
    BSmith=Full Control.  
    JJones=Full Control.
NTFS persmissions:  
    Jdoe=Full Control.  
    BSmith=Read and execute,List folder contents.  
    JJones=Full Control.

JDoe - Will be able to read the files and data in the share, but will not be able to write. (Share level is the most restrictive in this case so it is applied over the network.. Jdoe=Read Only, where NTFS allows Jdoe to have full control).  If Jdoe could log in to the server console, then JDoe would have full control access to the D:\Shared\Data folder.

BSmith - Will be able to read the files and data in the share, but will not be able to write. (NTFS level is the most restrictive in this case so it is applied locally on the server, and does not allow the higher level access requested across the network.)  If BSmith could log in to the server console, then BSmith would only be able to READ and Execute programs in the D:\Shared\Data folder,  No Writing.

JJones - Will be able to Read and Write to the files and data in the share. (Both NTFS and Share level permissions permit JJones Full Control access).  If JJones could log in to the server console, then JJones would have full control of files/folders/permissions in the D:\Shared\Data folder.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now