What are Best Practice settings for a file share server?
Posted on 2014-10-20
I'll soon be migrating an old file share server to a new Windows 2012 R2 server. I'd loved to here suggestions for default drive and folder permissions for the file share structure generally. The permissions for shares in the past have been governed by SHARE permissions -- and I think I'd like to stay with that because everyone is used to that. However, I'd like to lock down the drive and NTFS permissions a bit more -- however, I don't want to cause problems. The users seems to need NTFS permissions equal to SHARE permissions, and I'd like Administrators to have permissions. What other permissions are needed, SYSTEM, OWNER, Domain Users, etc.? From testing it seems if users have SHARE permissions only, and nothing as far as NTFS (implied no access) -- they have no access. If someone can provide some opinions, I'd be grateful.