Solved

ABE  on 2012 file shares

Posted on 2016-11-04
2
63 Views
Last Modified: 2016-11-11
Dear Experts

I have file servers on cluster with 2012 OS. I have enabled ABE on them and I need advise on one thing please.

within the share permission of share, I have enabled "everyone" with "Full Control" access and managing folder permissions with ntfs.

is this an accepted solution or should I use specific groups ? in old 2008 cluster, it shows a lot of groups and I do not want to replicate that on 2012 cluster. would it not be easier to set  everybody with full access and use groups within the permissions section?
0
Comment
Question by:kuzum
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 41

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41874083
The most restrictive permission set will win in a situation where multiple permissions apply to an object. In this case, you have Share permissions applied to the network share object and NTFS permission on the files themselves. If the share permissions are set to Full Control for everyone, users will still have to have the appropriate NTFS file permissions for any files they want access to. However, setting Everyone Full control may give users the ability to modify share settings if they can log into the server with their user account. Personally, I tend to remove the Everyone option and change it to Authenticated Users with Read and Write access on share permissions. But that is a common and accepted practice.
0
 

Author Closing Comment

by:kuzum
ID: 41883680
my research also pointed me to the same direction,
0

Featured Post

Raise the IQ of Your IT Alerts

From IT major incidents to manufacturing line slowdowns, every business process generates insights that need to reach the people required to take action. You need a platform that integrates with your business tools to create fully enabled DevOps toolchains.

You need xMatters.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Uncontrolled local administrators groups within any organization pose a huge security risk. Because these groups are locally managed it becomes difficult to audit and maintain them.
Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

695 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question