Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Folder Share Permissions BEST PRACTICES

Posted on 2010-08-12
2
Medium Priority
?
908 Views
Last Modified: 2012-05-10
Its been a while since I studied this topic but I remember there is a BEST PRACTICES way of setting up a new share on a folder in Windows Server 2003.
When you set up a Folder for sharing the first time, there is a PERMISSIONS Button on the SHARING Tab. When you press the button it opes a window with Everyone in the top group with READ rights, by default I believe.

Then there is the SECURITY Tab. WHen you open that window it has the Regular Security settings window with SYSTEM and OWNER etc. with a long list of rights that can assigned to the selected user or group.

The question is then...Should the PERMISSIONS button be used at all in a normal Windows 2003 Active Directory Domain? And if so...how? IE: Remove EVERYONE ?

Then ad the Everyone Item back in Under the SECURITY Tab? And others as appropriate?

0
Comment
Question by:NaplesFLDave
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 15

Accepted Solution

by:
JBond2010 earned 1000 total points
ID: 33422723
As a best practice, it is most efficient to configure share permissions with Authenticated Users having Full Control access. Then, the NTFS permissions should configure each group with standard permissions. This provides excellent security for local and network access to the resource. It also provides excellent protection of the resource for when it is backed up and when the resource name is changed or relocated. As I said earlier, the NTFS permissions will protect the resource even if the share permissions are set to Full Control access.
0
 
LVL 2

Expert Comment

by:itmaximum
ID: 33422977
also good to remember that microsoft servers use MOST RESTRICTIVE as its priority, so when changing security settings make sure they match your share permissions, if you dont you will have an access denied issue without realizing it.

(simply if you have authorized users full control in permissions and then change the folder security to a specific security group, only the members of that group will have access)
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
How to fix incompatible JVM issue while installing Eclipse While installing Eclipse in windows, got one error like above and unable to proceed with the installation. This video describes how to successfully install Eclipse. How to solve incompa…
Is your data getting by on basic protection measures? In today’s climate of debilitating malware and ransomware—like WannaCry—that may not be enough. You need to establish more than basics, like a recovery plan that protects both data and endpoints.…
Suggested Courses

618 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question