Solved

File security settings and Shared Folder permissions--how do they interact?

Posted on 2006-07-13
3
243 Views
Last Modified: 2013-12-04
In Windows 2000 server, our folder share permissions were pre-set to Full Control for the everyone group (I believe that is the default.)  To limit access to folders and shares, I assigned specific groups and users in the folder securities tab.  In the process, I removed a lot of inherited permissions.

I just upgraded my servers to Windows 2003, and discovered that my 2000 server method did not work as well because the everyone group did not get full rights by default.  (I actually had not even realized the Folder Permissions setting was present in Windows 2000.)  In my attempt to get things working again, I did some research on permissions and security and came to the conclusion that the way we had done things in Windows 2000 was not the best way.  Specifically, removing a lot of inherited permissions bogged down the database with unnecessary data (is this correct?)  

Now I am trying to work out the interaction between share permissions and folder securities.  I have read a couple manuals and they give me just enough information to want more.

My questions are:
1.  Is there a way to allow only certain users and groups to see a particular share?  
2.  Is the removal of inherited permissions best avoided, if possible?
3.  What exactly does the Share Permission control?
4.  Can someone point me to a good resource that describes permissions in detail with examples?

Thanks,
srsdtech
0
Comment
Question by:srsdtech
  • 2
3 Comments
 
LVL 3

Accepted Solution

by:
GeneralMandible earned 500 total points
ID: 17104508
I think this maybe the issue you're dealing with:
http://www.windowsitpro.com/Article/ArticleID/41280/41280.html

& here is a guide to some settings:
http://www.mcmcse.com/microsoft/guides/ntfs_and_share_permissions.shtml
http://support.microsoft.com/default.aspx?scid=kb;en-us;325361

These should answere a few of your questions
0
 
LVL 3

Expert Comment

by:GeneralMandible
ID: 17104611
I believe in Windows a share is either visible or hidden globally using a $ at the end of the share name (correct me if I'm wrong).  I think all you can do is restrict access...or make it hidden (& restricted) and only give the respective groups/users the share name.
0
 

Author Comment

by:srsdtech
ID: 17109464
Thanks General Mandible.  
I looked at those, and they appear to address the subject very well.  I think they will answer my questions, though it'll probably take me a while to put everything into place.

I'll also try out the $ part.  There are some necessary shares it is best folks just don't know about.

srsdtech
0

Featured Post

Migrating Your Company's PCs

To keep pace with competitors, businesses must keep employees productive, and that means providing them with the latest technology. This document provides the tips and tricks you need to help you migrate an outdated PC fleet to new desktops, laptops, and tablets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Article by: btan
The intent is not to repeat what many has know about Ransomware but more to join its dots of what is it, who are the victims, why it exists, when and how we respond on infection. Lastly, sum up in a glance to share such information with more to help…
Security measures require Windows be logged in using Standard User login (not Administrator).  Yet, sometimes an application has to be run “As Administrator” from a Standard User login.  This paper describes how to create a shortcut icon to launch a…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

778 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question