Solved

Windows Share permissons vs NTFS permissions

Posted on 2016-09-13
8
72 Views
Last Modified: 2016-09-13
I am setting up a remote virtual directory.  The share has it's own permissions and I added all the users I want to access the share through the share permissons.  The NTFS folder on the PC also has a security permissions.

To access the share does the NTFS folder and the Share permission folder have to have the same users? It seems they do not but I was not sure.  I thought the NTFS security controlled the local access to the PC while the share permissions control the access through the network.  Can someone clarify for me to be sure I got this correct?
0
Comment
Question by:kdschool
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
  • +1
8 Comments
 
LVL 88

Expert Comment

by:rindi
ID: 41796075
The share permissions are only very basic, and just giving all permissions on that level is best practice.

NTFS security is much more granular, and this is where you should say which group is allowed to do what. Always use groups rather than single User accounts. It is much easier to add or remove users to or from a group, rather than to go to every folder and adapt the permissions if users change.
0
 

Author Comment

by:kdschool
ID: 41796098
so if I give permissions on the share then those folks can access the file through the network?
0
 
LVL 88

Expert Comment

by:rindi
ID: 41796116
If the NTFS permissions allow them to, yes.
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 

Author Comment

by:kdschool
ID: 41796121
So they need both the NTFS permissions and permission on the share to access the files?
0
 
LVL 88

Accepted Solution

by:
rindi earned 500 total points
ID: 41796140
Yes.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 41796272
Correction: Best practice is to set share permissions to everyone:modify, not full! Very important.
0
 
LVL 24

Expert Comment

by:NVIT
ID: 41796344
Supporting info on why
you should use Read/Write or Modify for Shares....
https://www.experts-exchange.com/questions/28955946/customize-Windows-explorer-such-that-Everyone-can't-get-selected-when-users-do-folder-sharing.html#a41694951, where I mistakenly believed Everyone must have Full Control for the Share and granular control at the NTFS (Security) level.
0
 
LVL 54

Expert Comment

by:McKnife
ID: 41796410
Thanks, NVIT.
0

Featured Post

Use Case: Protecting a Hybrid Cloud Infrastructure

Microsoft Azure is rapidly becoming the norm in dynamic IT environments. This document describes the challenges that organizations face when protecting data in a hybrid cloud IT environment and presents a use case to demonstrate how Acronis Backup protects all data.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

When you try to extract and to view the contents of a Microsoft Update Standalone Package (MSU) for Windows Vista, you cannot extract the files from the MSU. Here we are going to explain how to extract those hotfix details without using any third pa…
Learn how to PXE Boot both BIOS & UEFI machines with DHCP Policies and Custom Vendor Classes
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question