Sign in with
Sign up | Sign in
Your question

shared folders best practices**

Tags:
  • File System
  • Windows
Last response: in Windows 2000/NT
Share
Anonymous
August 18, 2004 3:23:24 AM

Archived from groups: microsoft.public.win2000.file_system (More info?)

Hi All
I have a number of network users that I would like to begin by setting up
users shares , however I have read that share permission should not be use
for a number of reason e.g replication - shared permission are not
replicated or auditing- you cannot audit file shares permission etc.. as a
result I would like to used NTFS permission to lock down my shares..
Let say .. user A is the only account with the exception of administrators
that should have access to a shared folder .. here is how I have configure
the share..
On the share I have set shared permissions to allow full control to the
everyone group then on the NTFS permission I have set User A with change
permissions and Domain admins - full control..
Is this correct ?

Thanks

More about : shared folders practices

Anonymous
August 18, 2004 9:05:59 PM

Archived from groups: microsoft.public.win2000.file_system (More info?)

"Darren D" <Darren@somewhere.com> wrote in message
news:%23w%2345KNhEHA.536@TK2MSFTNGP11.phx.gbl...
> Hi All
> I have a number of network users that I would like to begin by setting up
> users shares , however I have read that share permission should not be use
> for a number of reason e.g replication - shared permission are not
> replicated or auditing- you cannot audit file shares permission etc.. as a
> result I would like to used NTFS permission to lock down my shares..
> Let say .. user A is the only account with the exception of administrators
> that should have access to a shared folder .. here is how I have configure
> the share..
> On the share I have set shared permissions to allow full control to the
> everyone group then on the NTFS permission I have set User A with change
> permissions and Domain admins - full control..
> Is this correct ?

That would work, although, the generally accepted practice is to put User A
in Group Z and then give group Z the permissions. That way, if User B takes
User A's place, you only have to remove User A from Group Z and add User B
in his place; thereby giving User B ALL of User A's permissions/rights in a
few very easy steps. This is much easier than having to remember all of the
permissions/rights that have been set up for User A.

>
> Thanks
>
>
!