share ACL only set at one level

Am I right in thinking share access control permissions are only set at one level? Whereas NTFS are set at every directory level (albeit they can inherit).

And part 2) am I right in thinking if a user or group is NOT listed on share permissions (ACL), regardless of whether they are on NTFS (directory ACL) they cant access data on the directories on that share, i.e. you need to be on both the share and directory ACL?
LVL 3
pma111Asked:
Who is Participating?
 
McKnifeConnect With a Mentor Commented:
Both right. Share permissions are for the share, not for the folders below. 2nd is right because the principle behind it is "effective is what is more restrictive"
0
 
pma111Author Commented:
I assume windows effective permissions feature, i.e.:

http://www.techotopia.com/images/5/51/Windows_server_2008_effective_permissions.jpg

Is only taking into consideration NTFS (directory permissions) and completely ignores share permissions?
0
 
McKnifeCommented:
Correct.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.