question about share permissions..Passed!
suren327
Member Posts: 44 ■■□□□□□□□□
hey everyone..i'm sitting this exam in a week n i have a question i'm not sure how to figure out..the question is if you wanted the Sales group to have full control permission to a shared folder but u wanted a user in the Sales group to only have read permissions how do you accomplish this?? n e help is appreciated..thanks
Comments
-
CoryS Member Posts: 208In this case if its a specific user you would need to setup a deny permission for their username explicitly, remember most restrictive wins.MCSE tests left: 294, 297 |
-
suren327 Member Posts: 44 ■■□□□□□□□□i don't really understand it..if u set full control on the group n then u add the user name n then try to set permissions to his name..u can't deny full control or modify because then that would automatically deny his read permission..and you can't only select the allow read cuz then he would inherit the full control from the group permissions?? am i right or wrong??
-
CoryS Member Posts: 208If you were to take this user and add him to a group with full control, you would either need to take him out of the group and specify whatever permissions you want and add them to the folder security permissions....
Or what I would do is add this user specifically to that folder and setup a deny - (whatever), even if they are inheriting permissions, the end result is an explicit deny which takes the cake.
I hope I understand your question correctly.MCSE tests left: 294, 297 | -
suren327 Member Posts: 44 ■■□□□□□□□□i'll try it again when i go on my lab..thanks..does n e one else have other ideas for a solution to this problem?
-
sprkymrk Member Posts: 4,884 ■■■□□□□□□□If you select "deny" write permission, but leave "read" as allowed for the user, you will effectively narrow that user's permissions to read only, regardless of his/her group membership. By denying "write" access, that user no longer has the full control because he/she cannot modify, delete, change ownership, etc. Only read access is allowed. Note - this is done on the NTFS Security settings, not the share level permissions.
BTW - If you deny "Full Control", the user will not even have read access.All things are possible, only believe.