Re: Authenticated users permissions
From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 05/25/05
- Next message: Barry: "Auditing Logon Events"
- Previous message: Roger Abell: "Re: How to remove the password affiliated with PDF documents?"
- In reply to: Matt Carter: "Authenticated users permissions"
- Next in thread: Matt Carter: "Re: Authenticated users permissions"
- Reply: Matt Carter: "Re: Authenticated users permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 25 May 2005 07:17:58 -0700
In NTFS when you block inheritance at a folder, this is for all inheritable
permissions. When you do this you can choose to copy the inherited which
will turn them into the initial explicit permissions on the new inheritance
point that folder becomes. These can then be modified as needed, and then
the checkbox to apply these to all subordinate structure (files and
subfolders)
may be used to adjust all lower permissions to what has now been set (this
part is particularly relevant if there are additional explicit grants or are
any
other inheritance points set in the pre-existing substructure)
Sometimes, with some thought, one can find a way so that at the uppermost
level the least common permissions are granted, and then these are
increased,
without blocking inheritance, by merely adding additional explicit
permissions
at the specific subfolders. Note that these added permissions can be set so
that they affect only the one folder where set and do not inherit, or they
may
be left in default as added inheritables.
-- Roger Abell Microsoft MVP (Windows Security) MCSE (W2k3,W2k,Nt4) MCDBA "Matt Carter" <MattCarter@discussions.microsoft.com> wrote in message news:3AECCBE1-D4F0-47AE-A374-3D8789891E30@microsoft.com... > I am having trouble. I have a shared drive on my 2003 network that is > accessed by the company. It is set up to have the root, S:\ to be > Authenticated Users (Modify) access. It is inherited to another folder, > accessed by numermous groups / users (the Auth. Users permissions are > Inherited). A subfolder of that is where I would like to "limit." I would > like to make it so that Authenticated Users only have READ access to the > folders / files from this folder to child folders. I would like to have > other users (also on our network) to be allowed to have WRITE / MODIFY > access. I am having trouble setting it up. When I try to REMOVE to the > Inherited permissions for Authenticated Users, it removes ALL permissions on > the folder. No default Domain Admin, Enter. Admin, Creator Owner, System, > (etc.). > I was able to recreate the permissions and set them on the folders and > subfolders / files. The issue is that files from "yesterday" and previous > are ACCESS DENIED. They are using the READ ONLY permissions from > Authenticated Users (a few users should have MODIFY permissions and they are > "locked out"). However! if those users with Modify permissions create or > work on documents "today" they are able to access them. The issue is that > they have numerous files and subfolders that do not have current information. > If I try to copy the folders and paste them, it keeps the inherited > permisions from the default share with Authenticated Users as Modify. I am > flustered. > > Thank you for possibly helping. > > Matt
- Next message: Barry: "Auditing Logon Events"
- Previous message: Roger Abell: "Re: How to remove the password affiliated with PDF documents?"
- In reply to: Matt Carter: "Authenticated users permissions"
- Next in thread: Matt Carter: "Re: Authenticated users permissions"
- Reply: Matt Carter: "Re: Authenticated users permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
