• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 517
  • Last Modified:

share ACL only set at one level

Am I right in thinking share access control permissions are only set at one level? Whereas NTFS are set at every directory level (albeit they can inherit).

And part 2) am I right in thinking if a user or group is NOT listed on share permissions (ACL), regardless of whether they are on NTFS (directory ACL) they cant access data on the directories on that share, i.e. you need to be on both the share and directory ACL?
  • 2
1 Solution
Both right. Share permissions are for the share, not for the folders below. 2nd is right because the principle behind it is "effective is what is more restrictive"
pma111Author Commented:
I assume windows effective permissions feature, i.e.:


Is only taking into consideration NTFS (directory permissions) and completely ignores share permissions?
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now