Solved

ABE  on 2012 file shares

Posted on 2016-11-04
2
51 Views
Last Modified: 2016-11-11
Dear Experts

I have file servers on cluster with 2012 OS. I have enabled ABE on them and I need advise on one thing please.

within the share permission of share, I have enabled "everyone" with "Full Control" access and managing folder permissions with ntfs.

is this an accepted solution or should I use specific groups ? in old 2008 cluster, it shows a lot of groups and I do not want to replicate that on 2012 cluster. would it not be easier to set  everybody with full access and use groups within the permissions section?
0
Comment
Question by:kuzum
2 Comments
 
LVL 39

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41874083
The most restrictive permission set will win in a situation where multiple permissions apply to an object. In this case, you have Share permissions applied to the network share object and NTFS permission on the files themselves. If the share permissions are set to Full Control for everyone, users will still have to have the appropriate NTFS file permissions for any files they want access to. However, setting Everyone Full control may give users the ability to modify share settings if they can log into the server with their user account. Personally, I tend to remove the Everyone option and change it to Authenticated Users with Read and Write access on share permissions. But that is a common and accepted practice.
0
 

Author Closing Comment

by:kuzum
ID: 41883680
my research also pointed me to the same direction,
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This article shows the method of using the Resultant Set of Policy Tool to locate Group Policy that applies a particular setting.
This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
This tutorial will walk an individual through the process of installing the necessary services and then configuring a Windows Server 2012 system as an iSCSI target. To install the necessary roles, go to Server Manager, and select Add Roles and Featu…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question