NTFS permissions not applying consistently

Hi,

I have two shared folders on the same server, Homedirs and Test. Share
permissions on both are Full Control to the Everyone Group. Both have the
same NTFS permissions set. From a Windows 2000 client I can open either of
them. With the same user account from a Windows XP client I can open and
read 1 of them, but the other one results in the error message:

" \\servername\homedirs is not accessible. You might not have permission to
use this network resource. Contact the administrator of this server to find
out if you have access permissions.

Access is denied."

The share I'm having trouble getting into (only on XP clients) was
originally set up to allow only Traverse on "this folder only", and I just
added "List Folder/Read Data" last night. The other test folder that is
working fine was set up exactly the same as that when I created it
yesterday.

I can see why there might be a difference between how the two OSes handle
the file level permissions, but why would XP be able to open one and not the
other when the share and file level permissions are identical? The user I'm
testing with is not a domain admin, so is gaining access as a member of
Everyone. (I've had another standard user try the same from another machine
with the same results.

Any thoughts appreciated.

Thanks,

Phil

Here are the permissions for the two:

Accessible share:

"F:\test DOMAIN\Domain Admins:(OI)(CI)(IO)F
DOMAIN\Domain Admins:(special access:)

DELETE
READ_CONTROL
WRITE_OWNER
SYNCHRONIZE
FILE_GENERIC_READ
FILE_GENERIC_WRITE
FILE_GENERIC_EXECUTE
FILE_READ_DATA
FILE_WRITE_DATA
FILE_APPEND_DATA
FILE_READ_EA
FILE_WRITE_EA
FILE_EXECUTE
FILE_DELETE_CHILD
FILE_READ_ATTRIBUTES
FILE_WRITE_ATTRIBUTES

Everyone:(special access:)

SYNCHRONIZE
FILE_READ_DATA
FILE_EXECUTE

NT AUTHORITY\SYSTEM:(OI)(CI)F"

Inaccessible share:

H:\homedirs DOMAIN\Domain Admins:(OI)(CI)(IO)F
DOMAIN\Domain Admins:(special access:)

DELETE
READ_CONTROL
WRITE_OWNER
SYNCHRONIZE
FILE_GENERIC_READ
FILE_GENERIC_WRITE
FILE_GENERIC_EXECUTE
FILE_READ_DATA
FILE_WRITE_DATA
FILE_APPEND_DATA
FILE_READ_EA
FILE_WRITE_EA
FILE_EXECUTE
FILE_DELETE_CHILD
FILE_READ_ATTRIBUTES
FILE_WRITE_ATTRIBUTES

Everyone:(special access:)

SYNCHRONIZE
FILE_READ_DATA
FILE_EXECUTE

NT AUTHORITY\SYSTEM:(OI)(CI)F


.

Relevant Pages

  • RE: Windows 2003 Server - Everyone Group
    ... this folder only accessable by the users in the "special" group. ... Configure User and Group Access on an Intranet in Windows Server ... NTFS files system permissions control ... group that you want to set permissions for, click Check Names to verify the ...
    (microsoft.public.win2000.networking)
  • Re: Unable to print to networked printer - get access denied messa
    ... Check the permissions on the server assuming the client has a true RPC ... How is the Standard TCP/IP port configured for the device? ...
    (microsoft.public.windowsxp.print_fax)
  • Re: Office Docs wont Open? and BU Drive not Recognized?
    ... Create a new Folder: ... On the server share... ... SHARING tab | Permissions | Share Permissions | Group or User Names ... If I copy the document to the local Client, the document opens ...
    (microsoft.public.windows.server.sbs)
  • Re: Office Docs wont Open? and BU Drive not Recognized?
    ... On the server share... ... SHARING tab | Permissions | Share Permissions | Group or User Names ... Client Desktop, which open fine there? ... If I copy the document to the local Client, the document opens ...
    (microsoft.public.windows.server.sbs)
  • Re: An NT Security Gotcha that looks like a Jet Security issue
    ... >people remotely via Windows Terminal Server. ... >code when it was run by a user that didn't have full permissions on ... There's a top-level DATA folder, ... >ApplicantsDB and Quickbooks. ...
    (comp.databases.ms-access)