Use "Effective Permissions" tab on Advanced to check them

From: Gordon Fecyk (gordonf_at_pan-am.ca)
Date: 03/11/05


Date: Thu, 10 Mar 2005 17:25:20 -0600


> The behavior is as follows:
> When applying permissions to a file that removes inheritance of other
ACE's
> and adds permissions that allow full access for say "user1" and denys all
> access for "user2". Now it is not possible to move/copy/rename this file,
> however _deleting_ always works. Despite user2 not being of an
administrator
> group, not being the owner or having any rights to the file.
>
> I've seen this behavior on the latest sp for windows xp and back to
windows
> 2000, don't know about NT 4.0..

If it's XP and you have "Simple File Sharing" turned off (or are using Safe
Mode), you can view the effective permissions on a file after taking
inherited permissions and groups into account. Look for the "effective
permissions" tab on the Advanced Security windows, and have it check a user
or group to determine what their permissions are on the file or folder.

-- 
PGP key (0x0AFA039E): <http://www.pan-am.ca/consulting@pan-am.ca.asc>
Prevent problems before they happen and help others avoid bad design.
<http://www.pan-am.ca/antiwindowscatalog/>