Solved

ABE  on 2012 file shares

Posted on 2016-11-04
2
59 Views
Last Modified: 2016-11-11
Dear Experts

I have file servers on cluster with 2012 OS. I have enabled ABE on them and I need advise on one thing please.

within the share permission of share, I have enabled "everyone" with "Full Control" access and managing folder permissions with ntfs.

is this an accepted solution or should I use specific groups ? in old 2008 cluster, it shows a lot of groups and I do not want to replicate that on 2012 cluster. would it not be easier to set  everybody with full access and use groups within the permissions section?
0
Comment
Question by:kuzum
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 40

Accepted Solution

by:
Adam Brown earned 500 total points
ID: 41874083
The most restrictive permission set will win in a situation where multiple permissions apply to an object. In this case, you have Share permissions applied to the network share object and NTFS permission on the files themselves. If the share permissions are set to Full Control for everyone, users will still have to have the appropriate NTFS file permissions for any files they want access to. However, setting Everyone Full control may give users the ability to modify share settings if they can log into the server with their user account. Personally, I tend to remove the Everyone option and change it to Authenticated Users with Read and Write access on share permissions. But that is a common and accepted practice.
0
 

Author Closing Comment

by:kuzum
ID: 41883680
my research also pointed me to the same direction,
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article outlines the process to identify and resolve account lockout in an Active Directory environment.
In-place Upgrading Dirsync to Azure AD Connect
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…

738 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question