Re: Security and Permissions
From: jmos (anonymous_at_discussions.microsoft.com)
Date: 08/05/04
- Next message: priscilla: "secure sites"
- Previous message: Paul Adare - MVP - Microsoft Virtual PC: "Re: Urgent - setting maximum password length in Windows"
- In reply to: Steven L Umbach: "Re: Security and Permissions"
- Next in thread: Steven L Umbach: "Re: Security and Permissions"
- Reply: Steven L Umbach: "Re: Security and Permissions"
- Reply: Andrew Mitchell: "Re: Security and Permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Wed, 4 Aug 2004 15:42:55 -0700
Thank you Steven
Yes I am including the NTFS Permissions.
What I'm doing is this:
1. Create a group (Share Group) and and GP 1-3 to it.
Share Permissions -> Domain Admin -> Full Control
-> Share Group -> Change
Share NTFS -> Domain Admin -> Full Control
-> Share Group -> Modify (Special)
Share Sub folders no Inheritance
Share Sub Folder 1-> Domain Admin -> Full Control
NTFS -> Group1 -> Modify (Special)
Share Sub Folder 2-> Domain Admin -> Full Control
NTFS -> Group2 -> Modify (Special)
Share Sub Folder 3-> Domain Admin -> Full Control
NTFS -> Group3 -> Modify (Special)
User Joe appears only in Group1
User Mary appears in Group 1 and 3
Now my understanding is that for user Joe they would get
the most restrictive of both the Share and the NTFS of the
share AND that the NTFS of the Sub Folder overrides the
securities of the forementioned i.e only access to Share
Sub folder 1. The same would apply to User Mary i.e access
to only Sub Folders 1 and 3 not 2.
Am I right in saying this?
If so why is this not currently working in my domain and
what else should I do or be looking for?
Many thanks for your reply
JMOS
>-----Original Message-----
>Are you configuring ntfs permissions also? You also might
try to use three top shares
>instead as SB1, SB2, and SB3. However you do it, give
system and administrators full
>control ntfs permissions and then add the appropriate
user group with the needed ntfs
>permissions to each folder. If you are sharing one top
folder then give
>administrators full control and users change permissions
to the share. If you use
>three top shares then give administrators full control
and the appropriate group
>change control to each folder. Ntfs permissions are in a
folders properties/security
>page. When you test results be sure to logon as a user
and not as an administrator
>and log off and back on after a change to share or ntfs
permissions. For a network
>users, their permission to a share will be the most
restrictive of either the share
>or ntfs permissions. The link below may help. --- Steve
>
>http://support.microsoft.com/default.aspx?kbid=300691
>
>"jmos" <anonymous@discussions.microsoft.com> wrote in
message
>news:c31101c47a3a$5130eff0$a301280a@phx.gbl...
>> Can some explain (simply) how Share, folder and sub
folder
>> permissions work because evrything I do in my domain
>> simply does not work?
>>
>> All users have access to everything regardless of what
>> permissions I set.
>>
>> I leave the network for up to and hour, log on as a test
>> user and they still have access to everthing even
though I
>> specify access to only a select no. of shares.
>>
>> Currently I have a share - SHARE A with Subfolders SB1-
>> SB3.
>>
>> Each SB folder is a project which only a select few can
>> have access to.
>>
>> If I have groups GP1 -3 for each SB folder what
>> permissions should I have for:
>>
>> 1. the Share
>> 2. the Share folder (Security)
>> 3. the SB folders in the share.
>>
>> Hope someone can help.
>>
>> TIA.
>
>
>.
>
- Next message: priscilla: "secure sites"
- Previous message: Paul Adare - MVP - Microsoft Virtual PC: "Re: Urgent - setting maximum password length in Windows"
- In reply to: Steven L Umbach: "Re: Security and Permissions"
- Next in thread: Steven L Umbach: "Re: Security and Permissions"
- Reply: Steven L Umbach: "Re: Security and Permissions"
- Reply: Andrew Mitchell: "Re: Security and Permissions"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
