Solved

NTFS Volume Permissions

Posted on 2013-01-17
3
323 Views
Last Modified: 2013-01-17
So I have a goofy question. I've always refrained from granting permissions at the volume level for any of my end users. I usually create a top level folder on the volume and create the share and set share and NTFS permissions there (big fan of ABE as well as I come from a Novell background).

I was asked today why not set the permissions at the volume/root level? I have a voice inside my head saying it's a bad idea, but I can't think of any technical reasons why you couldn't do it? Specifically, I can't think of a technical reason why I wouldn't create a share there?

Here's what I've always done:

Volume = D:
Folder = D:\Apps

I would set the share and NTFS permissions at the Folder (Apps) level.

Here's what I'm being asked about:

Volume = D:

Asked why I don't just share out "D:" as "Apps" and set share and NTFS permissions there.

Any best practice on this or does it "just depend".

Thanks,
Timmr72
0
Comment
Question by:timmr72
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 11

Assisted Solution

by:BillBondo
BillBondo earned 125 total points
ID: 38788192
If you create additional folders on d: you would be granting those rights as well to that folder. So do it at the folder level is best
0
 
LVL 13

Accepted Solution

by:
imkottees earned 125 total points
ID: 38788208
Hi,

you can give it to Volume level.

Lets say you want to give read/write permission to userA for D:\Apps.  to achieve this you can also give read/write permission to volume level (D:\ drive) which also inherit to Apps folder.

But here userA also have the read/write permission for other folders in the D:\ drive. In case if userA dont want to access other folders on D drive, then you should manually deny the permission.

You can go with whatever suits you :)
0
 

Author Closing Comment

by:timmr72
ID: 38789381
Thank  you both. Splitting the points.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had a question today where the user wanted to know how to delete an SSL Certificate, so I thought that I would quickly add this How to! Article for your reference. WHY WOULD YOU WANT TO DELETE A CERTIFICATE? 1. If an incorrect certificate was …
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
To efficiently enable the rotation of USB drives for backups, storage pools need to be created. This way no matter which USB drive is installed, the backups will successfully write without any administrative intervention. Multiple USB devices need t…
This tutorial will show how to configure a single USB drive with a separate folder for each day of the week. This will allow each of the backups to be kept separate preventing the previous day’s backup from being overwritten. The USB drive must be s…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question