?
Solved

Share or Security permissions?

Posted on 2008-10-09
3
Medium Priority
?
189 Views
Last Modified: 2013-12-05
Hi

I have a folder on a Windows 2003 server that I would like to share.

Do I need to set the permissions in Security, or Share>Permissions, or both?

And which ones take precedence?
0
Comment
Question by:kam_uk
3 Comments
 
LVL 17

Assisted Solution

by:Andres Perales
Andres Perales earned 400 total points
ID: 22680458
You need to set both, Share Permissions set to everyone full, then lock it down using the permission with the security tab...
the restrictive permissions alway take priority.
0
 
LVL 97

Accepted Solution

by:
Lee W, MVP earned 800 total points
ID: 22680484
The most restrictive settings win.

Because of that and for simplicity, you would generally only use NTFS permissions (Security).

Think of it like this:
The share is the doorway into the files and folders at that point.  Like large office building, once you get into the doorway, you have the ability to see EVERYTHING in EVERY OFFICE (through share level permissions

With NTFS permissions, you can adjust things at the FILE level (including the folders) so that Doors 1, 3,4 7,9,10, and 12 are only accessible to user A while user B sees 2,3,5,6,7,9,11,12 and User C sees everything.

To put another way, if you set NTFS permissions to EVERYONE:Full access, and share permissions to READ ONLY then your users ONLY have READ ONLY (It's the most restrictive)

If you set NTFS permissions so that EVeryone has Read Only except for you and your boss with FULL access but set the Share permissions to Read Only, then you and your boss STILL have read only - the share permissions are more restrictive.

If you set NTFS permissions so that EVeryone has Read Only except for you and your boss with FULL access but set the Share permissions to Full Access, then you and your boss have Full access and everyone else has Read Only.

Finally, If you set NTFS permissions so that EVeryone has Read Only to everything except the file "phonelist" which allows FULL access but set the Share permissions to Read Only, then NO ONE can modify the phone list because the share permissions are more restrictive
0
 
LVL 3

Author Comment

by:kam_uk
ID: 22685859
Thanks!
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Securing your business data in current era should be your biggest priority. Numerous people are unaware of the fact that insiders commit more than 60 percent of security breaches. You need to figure out the underlying cause and invoke your potential…
When you put your credit card number into a website for an online transaction, surely you know to look for signs of a secure website such as the padlock icon in the web browser or the green address bar.  This is one way to protect yourself from oth…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

850 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question