asked on

Windows Share permissons vs NTFS permissions

I am setting up a remote virtual directory. The share has it's own permissions and I added all the users I want to access the share through the share permissons. The NTFS folder on the PC also has a security permissions.

To access the share does the NTFS folder and the Share permission folder have to have the same users? It seems they do not but I was not sure. I thought the NTFS security controlled the local access to the PC while the share permissions control the access through the network. Can someone clarify for me to be sure I got this correct?

rindi

The share permissions are only very basic, and just giving all permissions on that level is best practice.

NTFS security is much more granular, and this is where you should say which group is allowed to do what. Always use groups rather than single User accounts. It is much easier to add or remove users to or from a group, rather than to go to every folder and adapt the permissions if users change.

kdschool

ASKER

so if I give permissions on the share then those folks can access the file through the network?

rindi

If the NTFS permissions allow them to, yes.

kdschool

ASKER

So they need both the NTFS permissions and permission on the share to access the files?

ASKER CERTIFIED SOLUTION

rindi

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

McKnife

Correction: Best practice is to set share permissions to everyone:modify, not full! Very important.

NVIT

Supporting info on why
you should use Read/Write or Modify for Shares....
https://www.experts-exchange.com/questions/28955946/customize-Windows-explorer-such-that-Everyone-can't-get-selected-when-users-do-folder-sharing.html?anchorAnswerId=41694951#a41694951, where I mistakenly believed Everyone must have Full Control for the Share and granular control at the NTFS (Security) level.

McKnife

Thanks, NVIT.