Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

Folder NTFS Permissions

Posted on 2016-11-19
14
Medium Priority
?
154 Views
Last Modified: 2016-11-19
I posted this question.
https://www.experts-exchange.com/questions/28984180/Windows-Share-Security-permissions.html
Hard Part of it is Resolved.

Now on the Subfolders (Marketing , Sales)
I have added Security groups Marketing to Marketing folder and gave it Modify permissions
I have added Security groups Sales to Sales folder and gave it Modify permissions

However, I logged in to a computer as member of Marketing group, when I open for instance Marketing folder and
try to create a folder or text file inside of it I get a message: "You need permission to perform this Action"

Any idea of what I am missing?

Thank you
0
Comment
Question by:jskfan
  • 5
  • 4
  • 2
  • +3
14 Comments
 
LVL 7

Accepted Solution

by:
No More earned 1004 total points
ID: 41894298
check share permissions
0
 
LVL 16

Assisted Solution

by:Dirk Mare
Dirk Mare earned 332 total points
ID: 41894307
Make sure the Marketing and Sales folders are not inheriting the permissions from the parent folder.

DirkMare
0
 

Author Comment

by:jskfan
ID: 41894310
Cannot understand

Company (Share) : Advanced Sharing I added Authenticated Users :Read permission
How does this impact the Subfolders like Marketing and Sales ?

By the Way, Thank you David, after I saw your suggestion, I gave Authenticated users Change permission on Advanced Sharing at the Company Share level,  and managed to creatd a folder under Marketing..how do you explain it please?
0
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

 
LVL 7

Expert Comment

by:No More
ID: 41894314
Share permission are opening valve for NTFS permissions , if you have share permissions read and NTFS permissions for example : full control the user will get only read and execute NTFS permissions
0
 
LVL 7

Expert Comment

by:No More
ID: 41894316
0
 

Author Comment

by:jskfan
ID: 41894318
Good explanation David.
So at the Share level, does it matter if I give Change or Full ?
I know with Full at the Folder level, user can take ownership of the folder, but I am not sure at the Share level
0
 
LVL 84

Assisted Solution

by:David Johnson, CD, MVP
David Johnson, CD, MVP earned 332 total points
ID: 41894319
remember the most restrictive permission either the share or ntfs permission takes precedence
0
 
LVL 7

Expert Comment

by:No More
ID: 41894321
Most of IT guys would use share permission: everyone : full control and then limit and control rest with NTFS permissions, but you have different options
0
 

Author Comment

by:jskfan
ID: 41894333
Thank you..

Regarding Access Base Enumeration...is this Windows 2012 Feature only ?
0
 
LVL 7

Expert Comment

by:No More
ID: 41894335
I think it was possible since 2003 and from 2008 up for 100%
0
 
LVL 24

Assisted Solution

by:yo_bee
yo_bee earned 332 total points
ID: 41894342
It was an addin that needed to be install on 2003 and part to 2008 and newer.
http://www.microsoft.com/downloads/details.aspx?FamilyID=04a563d9-78d9-4342-a485-b030ac442084&DisplayLang=en
0
 

Author Closing Comment

by:jskfan
ID: 41894398
Thank you for your help Guys
0
 
LVL 24

Expert Comment

by:yo_bee
ID: 41894399
Just remember deny rights will trump any allow rights
0
 
LVL 57

Expert Comment

by:McKnife
ID: 41894424
About share permissions: Everyone modify. Don't use everyone: Full.
"the most restrictive takes precedence" - not wrong, but it has exceptions. "deny will trump allow" - same. Has exceptions, see https://www.experts-exchange.com/questions/22108365/NTFS-and-share-permissions-I-found-a-difference-where-there-should-not-be-any.html
0

Featured Post

Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Considering today’s continual security threats, which affect Information technology networks and systems worldwide, it is very important to practice basic security awareness. A normal system user can secure himself or herself by following these simp…
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

916 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question