NTFS permissions

Orion82698

Hey guys! just starting my studying for this test. I have a lot of experiance in XP and 2000, but I just wanted to clear some things up, for myself. Permissions, one this is kinda confussing me. If a user is requesting read, write , exec..... Isn't this the same as Modify? And if it is, then why wouldn't you just have read, write, list, read&execute, and just lose the modify tab? What's the difference? Also, while reading the study guide on this website, I saw that you can allow a group of users to access a folder with modify permissions, yet deny some of the users in the group. Do you do this by "share, permissions" add the group to the share, then give them modify, then click on the security tab, and deny the users who you don't want to have modify, but allow the rest?

Let me know if I confused you......but I think you guys got it

Thanks guys!

Chris

tcpsyn

I dont know if this really answers your questions, but the ntfs/share permission scheme was explained to me like this.

Least/Least/Most.

For local permissions: if you count up all the permissions granted to a user and his/her various groups... the least restrictive wins.

For share permissions: if you count up all the permissions granted to a user and his/her various groups.... the least restrictive wins.

When looking at them both, the most restrictive equals the effective permission.

Disclaimer: Don't listen to me, I'm an idiot.

pmann

Careful here guys, it's the least restrictive provided that there is no explicit "deny" present (a deny overrides any other permissions).

So if someone is granted Read access but is also Denied access, the Deny will win.

I would imagine Webmaster can furnish you with one of his excellent tech notes to help on this.

Webmaster

www.techexams.net/technotes/xp/administration.shtml#ntfsperm