Solved

Share or Security permissions?

Posted on 2008-10-09
3
183 Views
Last Modified: 2013-12-05
Hi

I have a folder on a Windows 2003 server that I would like to share.

Do I need to set the permissions in Security, or Share>Permissions, or both?

And which ones take precedence?
0
Comment
Question by:kam_uk
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 17

Assisted Solution

by:Andres Perales
Andres Perales earned 100 total points
ID: 22680458
You need to set both, Share Permissions set to everyone full, then lock it down using the permission with the security tab...
the restrictive permissions alway take priority.
0
 
LVL 96

Accepted Solution

by:
Lee W, MVP earned 200 total points
ID: 22680484
The most restrictive settings win.

Because of that and for simplicity, you would generally only use NTFS permissions (Security).

Think of it like this:
The share is the doorway into the files and folders at that point.  Like large office building, once you get into the doorway, you have the ability to see EVERYTHING in EVERY OFFICE (through share level permissions

With NTFS permissions, you can adjust things at the FILE level (including the folders) so that Doors 1, 3,4 7,9,10, and 12 are only accessible to user A while user B sees 2,3,5,6,7,9,11,12 and User C sees everything.

To put another way, if you set NTFS permissions to EVERYONE:Full access, and share permissions to READ ONLY then your users ONLY have READ ONLY (It's the most restrictive)

If you set NTFS permissions so that EVeryone has Read Only except for you and your boss with FULL access but set the Share permissions to Read Only, then you and your boss STILL have read only - the share permissions are more restrictive.

If you set NTFS permissions so that EVeryone has Read Only except for you and your boss with FULL access but set the Share permissions to Full Access, then you and your boss have Full access and everyone else has Read Only.

Finally, If you set NTFS permissions so that EVeryone has Read Only to everything except the file "phonelist" which allows FULL access but set the Share permissions to Read Only, then NO ONE can modify the phone list because the share permissions are more restrictive
0
 
LVL 3

Author Comment

by:kam_uk
ID: 22685859
Thanks!
0

Featured Post

Office 365 Training for Admins - 7 Day Trial

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
When it comes to security, close monitoring is a must. According to WhiteHat Security annual report, a substantial number of all web applications are vulnerable always. Monitis offers a new product - fully-featured Website security monitoring and pr…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question