Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

NTFS Volume Permissions

Posted on 2013-01-17
3
Medium Priority
?
325 Views
Last Modified: 2013-01-17
So I have a goofy question. I've always refrained from granting permissions at the volume level for any of my end users. I usually create a top level folder on the volume and create the share and set share and NTFS permissions there (big fan of ABE as well as I come from a Novell background).

I was asked today why not set the permissions at the volume/root level? I have a voice inside my head saying it's a bad idea, but I can't think of any technical reasons why you couldn't do it? Specifically, I can't think of a technical reason why I wouldn't create a share there?

Here's what I've always done:

Volume = D:
Folder = D:\Apps

I would set the share and NTFS permissions at the Folder (Apps) level.

Here's what I'm being asked about:

Volume = D:

Asked why I don't just share out "D:" as "Apps" and set share and NTFS permissions there.

Any best practice on this or does it "just depend".

Thanks,
Timmr72
0
Comment
Question by:timmr72
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 11

Assisted Solution

by:BillBondo
BillBondo earned 500 total points
ID: 38788192
If you create additional folders on d: you would be granting those rights as well to that folder. So do it at the folder level is best
0
 
LVL 13

Accepted Solution

by:
imkottees earned 500 total points
ID: 38788208
Hi,

you can give it to Volume level.

Lets say you want to give read/write permission to userA for D:\Apps.  to achieve this you can also give read/write permission to volume level (D:\ drive) which also inherit to Apps folder.

But here userA also have the read/write permission for other folders in the D:\ drive. In case if userA dont want to access other folders on D drive, then you should manually deny the permission.

You can go with whatever suits you :)
0
 

Author Closing Comment

by:timmr72
ID: 38789381
Thank  you both. Splitting the points.
0

Featured Post

Important Lessons on Recovering from Petya

In their most recent webinar, Skyport Systems explores ways to isolate and protect critical databases to keep the core of your company safe from harm.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
Background Information Recently I have fixed file server permission issues for one of my client. The client has 1800 users and one Windows Server 2008 R2 domain joined file server with 12 TB of data, 250+ shared folders and the folder structure i…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through configuring a drive on a Windows Server 2008 to perform shadow copies in order to quickly recover deleted files and folders. Click on Start and then select Computer to view the available drives on the se…

704 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question