Re: Win 2003 - Share can be read with no NTFS permission?

From: Pat (nobody_at_nobody.com)
Date: 10/27/04


Date: Wed, 27 Oct 2004 11:52:34 -0400

If I set up a share called share2 with full share permissions and add a
group called testgroup and put a user called test in that group and
give the group R permissions on the folder. I then log on at a WS with
the user Test, who is a domain user with default rights on the domain and
administrative rights on the WS. I have Read rights on any
folders\files that were created by the admin on the server in share2.
I cannot delete these. I can create a file, and in the NTFS permissions
I have Read rights on the testgroup group and it also puts in the test
user with full rights. Where do the full rights come from? If I just
want a share that users can only read, not write or modify, how can I
do that?

On Wed, 27 Oct 2004 10:05:31 -0400, Pat <nobody@nobody.com> wrote:

>I have set up a similar setup, with a new share with default
>permissions in W3K (read). Add a test user with R X L R NTFS
>permissions. I log on with a workstation on that domain as test user
>and try to create a folder and file in the share with no success. If I
>add change to the share permissions I can create a folder and file in
>the share. I thought the least restrictive permissions were applied
>between shares and NTFS?
>On Wed, 27 Oct 2004 03:37:51 GMT, "Steven L Umbach"
><n9rou@n0-spam-for-me-comcast.net> wrote:
>
>>You show that users have read/list permissions to that folder. Since you are
>>in a domain, that is enough to allow another domain user to access the
>>folder from another domain computer. --- Steve
>>
>>"Patrick Saunders" <psaunder@comcen.com.au> wrote in message
>>news:7bfe00fe.0410261755.11d2fffa@posting.google.com...
>>> Hi,
>>> I apologise in advance if this is the wrong newsgroup - I could not
>>> find one for win2003.
>>>
>>> Scenario:
>>>
>>> I have a small test domain with a couple of machines.
>>>
>>> 1. On a member win2003 server machine '2K3Client' I created folder
>>> "c:\ShareA"
>>> 2. I shared folder "ShareA", with default permissions.
>>>
>>> This shows permissions as such:
>>>
>>> Share permissions
>>> =================
>>> Everyone - Read
>>>
>>>
>>> NTFS Security permissions
>>> ==========================
>>> Administrators(2K3Client\Administrators) - Full
>>> SYSTEM - Full
>>> Users (2K3Client\Users) - Read,List, Special.
>>>
>>>
>>> Question:
>>> ------------
>>> I log into another machine as a test user, with no special
>>> privileges.
>>> I can navigate to the share "ShareA" on Machine "2k3Client" AND I can
>>> view the contents of that folder.
>>>
>>> I do not understand why I can see contents of folder if there are no
>>> NTFS permissions to allow this? Can someone please explain?
>>>
>>> Many thanks in advance,
>>>
>>> Patrick.
>>
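
Added example, not part of the original thread: a simplified Python model of how Windows combines the two layers discussed above. Access through a share is the intersection of what the share permissions and the NTFS permissions each grant to the user's group memberships. The ACLs and the token are constructed from the listings in the posts; the write right attributed to the Users "Special" entry is an assumption, and ACE ordering and inheritance are not modelled.

```python
# Added example: simplified model of share + NTFS permission evaluation.
from enum import IntFlag

class Access(IntFlag):
    READ = 1     # list folder, read files
    WRITE = 2    # create files and folders, write data
    DELETE = 4
    ADMIN = 8    # change permissions, take ownership

NONE = Access(0)
READ = Access.READ
CHANGE = READ | Access.WRITE | Access.DELETE
FULL = CHANGE | Access.ADMIN

def granted(acl, sids):
    """Rights one ACL gives a token: union of matching allows minus matching denies.
    Simplification: real ACE ordering (explicit before inherited) is not modelled."""
    allow, deny = NONE, NONE
    for trustee, kind, mask in acl:
        if trustee in sids:
            if kind == "deny":
                deny |= mask
            else:
                allow |= mask
    return allow & ~deny

def effective_over_network(share_acl, ntfs_acl, sids):
    """A right is usable through the share only if BOTH layers grant it."""
    return granted(share_acl, sids) & granted(ntfs_acl, sids)

# Constructed token for a plain domain user. On a domain member, Domain Users
# is nested in the local Users group, so "Users" is in the token.
TEST_USER = frozenset({"test", "testgroup", "Domain Users", "Users", "Everyone"})

# Constructed ACLs modelled on the listings in the thread.
SHARE_READ = [("Everyone", "allow", READ)]
SHARE_CHANGE = [("Everyone", "allow", CHANGE)]
SHARE_FULL = [("Everyone", "allow", FULL)]
NTFS_DEFAULT = [("Administrators", "allow", FULL), ("SYSTEM", "allow", FULL),
                ("Users", "allow", READ)]
NTFS_WRITABLE = NTFS_DEFAULT + [("Users", "allow", Access.WRITE)]  # assumed "Special" entry

if __name__ == "__main__":
    for label, share, ntfs in [
        ("share Read   + NTFS Users Read      ", SHARE_READ, NTFS_DEFAULT),
        ("share Read   + NTFS Users Read+Write", SHARE_READ, NTFS_WRITABLE),
        ("share Change + NTFS Users Read+Write", SHARE_CHANGE, NTFS_WRITABLE),
        ("share Full   + NTFS Users Read      ", SHARE_FULL, NTFS_DEFAULT),
    ]:
        print(label, "->", effective_over_network(share, ntfs, TEST_USER))
```

In this model a read-only share results whenever either layer grants only Read, whatever the other layer allows.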
