Auth. Users vs. everyone

Book says whenever a user logs on to the network that user is automatically added to everyone group. Book also says all users who are authenticated into the network by using a valid user acct are a member of auth. users group. If this is the case, is it true that every user logged onto the network is a member of the auth. users and everyone groups?

Find more posts tagged with

Comments

astorrs

Yes what you've said is correct. In addition, anonymous users are members of the Everyone group but not the Authenticated Users group - that's the distinction.

seuss_ssues

Everyone that has authenticated to the domain controller is a member of auth and everyone.

astorrs

seuss_ssues wrote:

Everyone that has authenticated to the domain controller is a member of auth and everyone.

Let me clarify further. Everyone that has logged into an account that is a member of any domain in the forest or any trusted domain/forest is a member of the Authenticated Users group (and like we said "everyone" is a member of the Everyone group).

Mikdilly

If that's the case and I want to assign read access to a shared folder on the network to the auth users group I wouldn't need to add anything as all logged on users would be in everyone and auth users and by default would get read access to the folder. Would that be correct?

astorrs

Mikdilly wrote:

If that's the case and I want to assign read access to a shared folder on the network to the auth users group I wouldn't need to add anything as all logged on users would be in everyone and auth users and by default would get read access to the folder. Would that be correct?

Don't forget about NTFS permissions...

royal

Let's not start another thread of the Anonymous and Everyone thing.

http://techexams.net/forums/viewtopic.php?t=14600

Mikdilly

Maybe someone can explain the answer to this question:

You are configuring permisions for a shared folder on the network. You want all Auth Users to have read access to the files when attaching to the folder across the network, but only members of the Manager's group should be able to read the files when logged on locally to the computer containing the files. Managers also need to change files when logged on locally.

All users are able to log on locally to the computer.

What permissions do you need to set on the shared folder?

A) NTFS - Interactive - Change

NTFS - Interactive - read
C) NTFS - Auth Users -Change
D) NTFS - Managers - Change
E) Share Permission - Network - read
F) Share Permission - Interactive - read
G) Share Permission - Managers - change

I chose just D, book says D and E, why would do you need to add read share permission when Auth users should already have it by default?

astorrs

I would say the answer should have been "NTFS - Managers - Change" and "NTFS Permission - Network - read". Then Authenticated Users should also be granted read access on the share permissions.

Is this from MeasureUp?

Mikdilly

I would say the answer should have been "NTFS - Managers - Change" and "NTFS Permission - Network - read". Then Authenticated Users should also be granted read access on the share permissions.

Is this from MeasureUp?

But the question says only Managers should be able to read files locally, giving auth users ntfs - read would give them local access they shouldn't have.

Question comes from mspress book for 290, the section at the back 'Preparing for the Exam', don't have the exact page, section 3.something.

dynamik

Both NTFS and Share permissions are used when accessing files and directories over the network. It wouldn't matter what share permissions you've given a group if they don't have NTFS permissions as well. It will look at both and use the most restrictive. i.e. If you have write share and read NTFS, you'd only be able to read. The opposite is also true; if you have read share and write NTFS, you'd only be able to read (at least over the network, you'd have write if you were logged on locally).

Tontonsam

This question is a bit confusing me. If you give for Share permissions ony Network /Read and for NTFS MAnagers / Change, I think that only Managers will be able to access folder accross network cause we have to give also auth users ntfs permissions.

Posted: Wed Oct 22, 2008 9:29 pm Post subject:

I would say the answer should have been "NTFS - Managers - Change" and "NTFS Permission - Network - read". Then Authenticated Users should also be granted read access on the share permissions.

You don't need to give Auth users read access to the share cause Auth users are included in the Network group.

Edit: I think they have Network NTFS permissions with Read access. With that, auth users will have read access to the network but no access locally.

astorrs

You still have to grant some level of share permissions.

Mikdilly

Maybe someone can explain the answer to this question:

You are configuring permisions for a shared folder on the network. You want all Auth Users to have read access to the files when attaching to the folder across the network, but only members of the Manager's group should be able to read the files when logged on locally to the computer containing the files. Managers also need to change files when logged on locally.

All users are able to log on locally to the computer.

What permissions do you need to set on the shared folder?

A) NTFS - Interactive - Change
NTFS - Interactive - read
C) NTFS - Auth Users -Change
D) NTFS - Managers - Change
E) Share Permission - Network - read
F) Share Permission - Interactive - read
G) Share Permission - Managers - change

Simulated this question with a shared folder on a server leaving default share permission of Everyone - Read and only adding NTFS - Change to Managers group. Signed on as ordinary user with no group membership other than what they would get by logging on. Was able to access files in the shared folder over the network.

astorrs

Mikdilly wrote:

Simulated this question with a shared folder on a server leaving default share permission of Everyone - Read and only adding NTFS - Change to Managers group. Signed on as ordinary user with no group membership other than what they would get by logging on. Was able to access files in the shared folder over the network.

I assume you left the default NTFS permissions alone, hence why this worked. That's why I didn't like that question - it didn't specify what the defaults even were...