Windows 2003 Folder Permissions Problems - - - Urgent

I'm in the process of move share from my old file server to my new one using Secure Copy 4.11. Anyway my share structure on my new server is as follows:
All of the users home directories go under the "Home" direcotory folder. Anyway my newly migratied shares have not only the domain user listed but the following groups as well: USERS, Creator, SYStem and of course Administrators. Is it ok for me to remove the USERS, CREATOR & SYSTEM groups from the parents folders? What are the downsides of doing this? What is the purposes of these groups? How do share and ntfs permissions differ??

Thanks Again.
LVL 20
Who is Participating?
nappy_dConnect With a Mentor Commented:
Once you start reading thru that last link I posted, it will all make sense.

Think of it as this analogy:

You have a house with several rooms:

Anyone can enter the house(this is your share)

But, inside the house you only want certain people to enter the different rooms(This is where your NTFS permissions take over).

Does that make sense?
The share permissons allow you to share a folder or a drive.  The NTFS permissions allow you to control the permissions to a specific file or directory within a share.

The way I work(and probably many others too) you give full control with your share permissions and then control file and directory access with the NTFS permissions.  Here is one of may links wth further information.
compdigit44Author Commented:
Thanks for the reply nappy_d: I'm still confused though...What is the purpose of the follow local group though: server\Creator Owner, server\System & server\Users. Is it ok for me to remove these group from the parent directory so these extra group do no propogate to the child folders? What are the purposes of these groups???????/
Never miss a deadline with

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

Before removing any permissions, make sure you have sound understanding of what is being done.

Those permissions are the defaulted permissions added by your system.  The only one I may suggest you look at removing is users.


Users are generally people who are not admins but need access to the computer or files.

Creator Owner, is the person who created the directory and thus becomes the owner

You should draw outon paper how you want your permissions setup before you start making changes.
compdigit44Author Commented:
Does Microsoft or any other website out there list what the purpose of these defaults groups in Windows 2003 do??
Yes they do.

As mentioned the defaults are exactly that, they are the basic building blocks provided.  It would then be up to you or the admin(if you are not he/she) to modify them as you see fit.

The defaults do show what they do.  Every group can have different levels of permissions; Read, Write, Modify, Full Control, Read/Execute, List Folder contents13.  On top of that there are an additional 13 or so advanced permissions.

Take a look here...
compdigit44Author Commented:
Thank for the reply I guess I'm just not understanding the purpose of the Creator Owner & System groups>...

All Courses

From novice to tech pro — start learning today.