Folder NTFS Permissions
I posted this question.
https://www.experts-exchange.com/questions/28984180/Windows-Share-Security-permissions.html
Hard Part of it is Resolved.
Now on the Subfolders (Marketing , Sales)
I have added Security groups Marketing to Marketing folder and gave it Modify permissions
I have added Security groups Sales to Sales folder and gave it Modify permissions
However, I logged in to a computer as member of Marketing group, when I open for instance Marketing folder and
try to create a folder or text file inside of it I get a message: "You need permission to perform this Action"
Any idea of what I am missing?
Thank you
https://www.experts-exchange.com/questions/28984180/Windows-Share-Security-permissions.html
Hard Part of it is Resolved.
Now on the Subfolders (Marketing , Sales)
I have added Security groups Marketing to Marketing folder and gave it Modify permissions
I have added Security groups Sales to Sales folder and gave it Modify permissions
However, I logged in to a computer as member of Marketing group, when I open for instance Marketing folder and
try to create a folder or text file inside of it I get a message: "You need permission to perform this Action"
Any idea of what I am missing?
Thank you
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Share permission are opening valve for NTFS permissions , if you have share permissions read and NTFS permissions for example : full control the user will get only read and execute NTFS permissions
This would give you good understanding:
https://blog.varonis.com/the-difference-between-share-and-ntfs-permissions/
https://blog.varonis.com/the-difference-between-share-and-ntfs-permissions/
ASKER
Good explanation David.
So at the Share level, does it matter if I give Change or Full ?
I know with Full at the Folder level, user can take ownership of the folder, but I am not sure at the Share level
So at the Share level, does it matter if I give Change or Full ?
I know with Full at the Folder level, user can take ownership of the folder, but I am not sure at the Share level
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Most of IT guys would use share permission: everyone : full control and then limit and control rest with NTFS permissions, but you have different options
ASKER
Thank you..
Regarding Access Base Enumeration...is this Windows 2012 Feature only ?
Regarding Access Base Enumeration...is this Windows 2012 Feature only ?
I think it was possible since 2003 and from 2008 up for 100%
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you for your help Guys
Just remember deny rights will trump any allow rights
About share permissions: Everyone modify. Don't use everyone: Full.
"the most restrictive takes precedence" - not wrong, but it has exceptions. "deny will trump allow" - same. Has exceptions, see https://www.experts-exchange.com/questions/22108365/NTFS-and-share-permissions-I-found-a-difference-where-there-should-not-be-any.html
"the most restrictive takes precedence" - not wrong, but it has exceptions. "deny will trump allow" - same. Has exceptions, see https://www.experts-exchange.com/questions/22108365/NTFS-and-share-permissions-I-found-a-difference-where-there-should-not-be-any.html
ASKER
Company (Share) : Advanced Sharing I added Authenticated Users :Read permission
How does this impact the Subfolders like Marketing and Sales ?
By the Way, Thank you David, after I saw your suggestion, I gave Authenticated users Change permission on Advanced Sharing at the Company Share level, and managed to creatd a folder under Marketing..how do you explain it please?