Solved

Privilege precedence

Posted on 2006-11-01
4
271 Views
Last Modified: 2010-04-18
I have a top level directory in which I assign a certain group to have only read privileges. In a sub-directory inside that directory I have a folder where I assign a user to have full privileges to write files to it. That user is a member of the group that has only read privileges. Is there a conflict created in the sub-directory where I assigned the user to have full rights? Which get the precedence? The group privileges  or the user privileges ?
0
Comment
Question by:CodeParadise
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
4 Comments
 
LVL 143

Accepted Solution

by:
Guy Hengel [angelIII / a3] earned 150 total points
ID: 17853019
privileges are given to a folder, and can be given to all the children explicitely or implicitely.
you have to check if the permissions on the child folder are "inherited" or not, ie if they take the inherited permissions or not.

now, granted privileges will accumulate, so if the users has no permissions itself, but the group he is part of has full control, the user has full control.
if the group has no permissions, but the user was granted full control, he will keep full control

only if at some point there is a deny, that overrides any granted permissions
0
 
LVL 12

Assisted Solution

by:Donnie4572
Donnie4572 earned 150 total points
ID: 17853050
Permissions are accumaltive.

Example:
If I am a member af group1, group2, and group3
Group1 = read
Group2 = modify
Group3 = Full Control

My effective permission is Full Control. No conflict with this design.

Lets suppose that I am a member of Group4 which has been assigned the deny permission.
My effective permission is denied because deny always overides all allow permissions for that resource.
0
 
LVL 4

Author Comment

by:CodeParadise
ID: 18009248
Thanks angelIII  and Donnie4572!
0

Featured Post

The Eight Noble Truths of Backup and Recovery

How can IT departments tackle the challenges of a Big Data world? This white paper provides a roadmap to success and helps companies ensure that all their data is safe and secure, no matter if it resides on-premise with physical or virtual machines or in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface Having the need * to contact many different companies with different infrastructures * do remote maintenance in their network required us to implement a more flexible routing solution. As RAS, PPTP, L2TP and VPN Client connections are no…
by Batuhan Cetin In this article I will be guiding through the process of removing a failed DC metadata from Active Directory (hereafter, AD) using the ntdsutil tool in a Windows Server 2003 environment. These steps are not necessary in a Win…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question