Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 98
  • Last Modified:

NTFS Permission denied vs not adding anything

What is the difference between adding a user to a directory & set permission to deny, & not adding the user at all?

In both cases, the user wont be able to access the folder, but why going all the way to deny?

Thanks
0
defrey
Asked:
defrey
2 Solutions
 
Guillermo FeijóoSystems administratorCommented:
Hi:

If there are conflicting permissions, the most restrictive are applied.

If a user is member of a group that can read a folder,  but you set deny read permissión to that user, the user cant read that folder.
0
 
McKnifeCommented:
Another example: if you grant a group X change permissions but don't want User A to be able to change, you could deny change for that user without having to kick him out of that group. That is a use case.
But just denying him? No one would do that since not granting him anything is so much easier.
0
 
Seth SimmonsSr. Systems AdministratorCommented:
where i recently worked, i came across a share that had a group with explicit deny
found out the reason; a different group was given access though a few members shouldn't have it so another group with those individuals was created and explicitly denied.  that could be a scenario where you might need to do that, though a rare circumstance
0

Featured Post

Prepare for your VMware VCP6-DCV exam.

Josh Coen and Jason Langer have prepared the latest edition of VCP study guide. Both authors have been working in the IT field for more than a decade, and both hold VMware certifications. This 163-page guide covers all 10 of the exam blueprint sections.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now