Re: Shared Vs NTFS Security



On 09/02/2010 19:12, Buck Turgidson wrote:
Believe me, I am all for figuring things out. But when a question is
vaguely worded, it is difficult. The NTFS permissions are more restrictive
in this case, and will narrow the share permissions.

I guess the loophole is if another folder is added to the share.

I'll be nice and explain it:

The question isn't vaguely worded if you look at the requirements. I can't be bothered to type them out so I'll just refer to them as 1, 2 and 3:

Requirement 3 is the key one in this case. Because Sales and Marketing have full NTFS permissions on their respective folders, and Authenticated Users have full control of the share, Sales and Marketing will therefore be able to modify NTFS permissions on the files in their folders.

Reducing the share permissions to Change instead of Full Control will allow the Sales and Marketing groups to create/modify/delete files in their respective folders (satisfying requirements 1 and 2), but not change the NTFS permissions even though they have Full Control over the folder (satisfying requirement 3)

Stop using the braindumps and spend more time on the newsgroups asking questions, it'll probably be more beneficial :-)

--
Chris M.
MBCS CITP
MCSE | MCSA | MCTS | MCDST | CCNA
.