Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Configuring Permssions on a shared drive

Posted on 2006-05-31
4
Medium Priority
?
139 Views
Last Modified: 2013-12-04
I have a Dell 745N NAS device and I have created a few SHARES.  What is the standard or recommended way to configure the security permissions on the root directory of each SHARE? I have a HOME share where every employee has their 'home' folder...   Should everyone be able to at least 'LIST' the folders etc...  and I have a GROUPSHARE folder where each Dept. has folders to keep their documents in...    Also, should the inherited check box be off or on?
0
Comment
Question by:anthonyca
2 Comments
 
LVL 12

Accepted Solution

by:
gidds99 earned 100 total points
ID: 16809717
The permissions depend very much on the nature of your environment so as such there is no standard way.  There is however best practice.  You can check these guides for some basic guidlines:

http://www.windowsecurity.com/articles/Share-Permissions.html

http://www.windowsecurity.com/articles/Understanding-Windows-NTFS-Permissions.html

You should remember that access is based on a combination of share and ntfs permissions.  Also the inherit option needs to be unchecked if you want to apply different permissions to the child directories.

Hope this helps.
0
 

Assisted Solution

by:klindo
klindo earned 100 total points
ID: 16817923
Obviously this all depends on the specific needs of your environment, but here is a simple configuration.

For the shares permissions, give Full Control to a group such as "Authenticated Users" or Everyone, you could also use a list of more restrictive groups fro a little added security.  From there you will rely on the NTFS permissions to control access.

For the NTFS permissions on each share, I would recommend only giving permissions (you probably want to use Full control here) to administrative groups.  By that I mean IT admins, not office admin type staff.   Let these permissions inherit down.   On the HOME root folder, you do not need to add any list permissions for individual users or user groups, assuming they are mapping a drive directly to their Home folder to (\\server(nas)\home\username).  For each individual home folder, just add the appropriate permissions for each respective user in addition to the inherited admin perms.  If you are using redirection/offline files, then you need to give the user full control over the folders.
For the GROUPSHARE root folder, I would recommend that you do not allow user to have any ability to write to root as this helps keeps a cleaner structure in place.  Just give admins control and list for a User related group if they map a drive to the top level of the share (if they map to directly to their department folder under the share then list is not needed).  Then under the root folder create each department folder and give rights accordingly for admins and each department.
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As I write this article, I am finishing cleanup from the Qakbot virus variant found in the wild on April 18, 2011.  It was a messy beast that had varying levels of infection, speculated as being dependent on how long it resided on the infected syste…
Many of us in IT utilize a combination of roaming profiles and folder redirection to ensure user information carries over from one workstation to another; in my environment, it was to enable virtualization without needing a separate desktop for each…
When cloud platforms entered the scene, users and companies jumped on board to take advantage of the many benefits, like the ability to work and connect with company information from various locations. What many didn't foresee was the increased risk…
Enter Foreign and Special Characters Enter characters you can't find on a keyboard using its ASCII code ... and learn how to make a handy reference for yourself using Excel ~ Use these codes in any Windows application! ... whether it is a Micr…
Suggested Courses

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question