[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Permissions

Posted on 2008-06-25
12
Medium Priority
?
233 Views
Last Modified: 2013-12-04
hi all
i have a query with permissions and the correct way to do them.  I have a NTFS drive on our server and it i have top level share called share below share i have lots and lots of other folders. when a user logs on they get this mapped drive with all the shares inside it and then the permissions kicks in as to what folders they can access ie access denied if no permissions or access granted if permissions is there. Now lets say i wanted to give a user access to a folder that is way down that folder tree ie within the top level share lets say we have a folder called depts and within depts we have prod and with prod we have test. whats the best way to give a user access to test?

ta
0
Comment
Question by:kingcastle
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
12 Comments
 
LVL 25

Expert Comment

by:slam69
ID: 21868294
give them list folder contents only access to all the parent folders down to test and then give them modify if required to teh test folder and children of that
0
 

Author Comment

by:kingcastle
ID: 21868369
is this the norm or is there a better way of doing it
0
 
LVL 25

Expert Comment

by:slam69
ID: 21868434
no that would be the norm, that way the users can only see the folders down to the level of where they need access and not open anything else, you could share the test folder but creating shares underneath shares creates a permissioning nightmare and i would never recommend it
0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
LVL 25

Expert Comment

by:slam69
ID: 21872458
any update
0
 

Author Comment

by:kingcastle
ID: 21872826
cheers for that if i wanted to give users access to a folder but the only thing i did not want them to do was delete more move either the folder itself or anything within that folder what would rights would i assign

ta
0
 
LVL 25

Expert Comment

by:slam69
ID: 21872890
ok that sentance was  a little confusing but i think you want to deny the user delete privildges, when you set the permissions on teh security tab if you click the advanced button you get a whole more range of options other than the standard read write modify etc.

Within this advanced tab you can specify deny delete rights take a look at it.

If you want to go to teh next level have a look at security explorer which is an ntfs permissioning tool, same as using teh security tab but its a better tool in my opinion and easier to understand
0
 

Author Comment

by:kingcastle
ID: 21872913
were would one find security explorer
0
 
LVL 25

Expert Comment

by:slam69
ID: 21872923
here you go,

but take a look at the advanced tab as well so that you are aware of teh range of permission assignments you can make

http://www.pnltools.com/productinfo~productid~32~pageid~1~subpageid~0.asp

be very careful as if you arent fully cionfident of what you are doing you can cause a network more harm than good!!
0
 

Author Comment

by:kingcastle
ID: 21873165
last bit of this post now, what are create owner and system that appear under the security and d o i need to keep them or remove them
0
 
LVL 25

Expert Comment

by:slam69
ID: 21873201
always always keep system in there as it allows your system accounts to access directory same as you always leave your admin accounts in there to administrate.

Creator owner is a funney one, usually whoever creates the directory will need further access but thats not always teh case, usually you have to do thi son a case by case assessment but you will usually find the creator of a file or folder will need continued access
0
 

Author Comment

by:kingcastle
ID: 21873217
excellent post
0
 
LVL 25

Accepted Solution

by:
slam69 earned 2000 total points
ID: 21873222
No problem.

please remember to close quetion :O)
0

Featured Post

Tech or Treat!

Submit an article about your scariest tech experience—and the solution—and you’ll be automatically entered to win one of 4 fantastic tech gadgets.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question