Home
Certification Preparation
Microsoft
MCSA / MCSE on Windows 2003 General
Server 70-290
question about share permissions..Passed!
suren327
hey everyone..i'm sitting this exam in a week n i have a question i'm not sure how to figure out..the question is if you wanted the Sales group to have full control permission to a shared folder but u wanted a user in the Sales group to only have read permissions how do you accomplish this?? n e help is appreciated..thanks
Find more posts tagged with
Comments
CoryS
In this case if its a specific user you would need to setup a deny permission for their username explicitly, remember most restrictive wins.
suren327
i don't really understand it..if u set full control on the group n then u add the user name n then try to set permissions to his name..u can't deny full control or modify because then that would automatically deny his read permission..and you can't only select the allow read cuz then he would inherit the full control from the group permissions?? am i right or wrong??
CoryS
If you were to take this user and add him to a group with full control, you would either need to take him out of the group and specify whatever permissions you want and add them to the folder security permissions....
Or what I would do is add this user specifically to that folder and setup a deny - (whatever), even if they are inheriting permissions, the end result is an explicit deny which takes the cake.
I hope I understand your question correctly.
suren327
i'll try it again when i go on my lab..thanks..does n e one else have other ideas for a solution to this problem?
sprkymrk
If you select "deny" write permission, but leave "read" as allowed for the user, you will effectively narrow that user's permissions to read only, regardless of his/her group membership. By denying "write" access, that user no longer has the full control because he/she cannot modify, delete, change ownership, etc. Only read access is allowed. Note - this is done on the NTFS Security settings, not the share level permissions.
BTW - If you deny "Full Control", the user will not even have read access.
suren327
thanks i tried it and it worked..
suren327
Passed with a 700! just made it...291 next.
janmike
Congratulations!
7255carl
congrats
Quick Links
All Categories
Recent Posts
Activity
Unanswered
Groups
Best Of
