Auth. Users vs. everyone

MikdillyMikdilly Member Posts: 309
Book says whenever a user logs on to the network that user is automatically added to everyone group. Book also says all users who are authenticated into the network by using a valid user acct are a member of auth. users group. If this is the case, is it true that every user logged onto the network is a member of the auth. users and everyone groups?

Comments

  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    Yes what you've said is correct. In addition, anonymous users are members of the Everyone group but not the Authenticated Users group - that's the distinction.
  • seuss_ssuesseuss_ssues Member Posts: 629
    Everyone that has authenticated to the domain controller is a member of auth and everyone.
  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    Everyone that has authenticated to the domain controller is a member of auth and everyone.
    Let me clarify further. Everyone that has logged into an account that is a member of any domain in the forest or any trusted domain/forest is a member of the Authenticated Users group (and like we said "everyone" is a member of the Everyone group).
  • MikdillyMikdilly Member Posts: 309
    If that's the case and I want to assign read access to a shared folder on the network to the auth users group I wouldn't need to add anything as all logged on users would be in everyone and auth users and by default would get read access to the folder. Would that be correct?
  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    Mikdilly wrote:
    If that's the case and I want to assign read access to a shared folder on the network to the auth users group I wouldn't need to add anything as all logged on users would be in everyone and auth users and by default would get read access to the folder. Would that be correct?
    Don't forget about NTFS permissions... ;)
  • royalroyal Member Posts: 3,352 ■■■■□□□□□□
    Let's not start another thread of the Anonymous and Everyone thing.

    http://techexams.net/forums/viewtopic.php?t=14600
    “For success, attitude is equally as important as ability.” - Harry F. Banks
  • MikdillyMikdilly Member Posts: 309
    Maybe someone can explain the answer to this question:

    You are configuring permisions for a shared folder on the network. You want all Auth Users to have read access to the files when attaching to the folder across the network, but only members of the Manager's group should be able to read the files when logged on locally to the computer containing the files. Managers also need to change files when logged on locally.

    All users are able to log on locally to the computer.

    What permissions do you need to set on the shared folder?

    A) NTFS - Interactive - Change
    B) NTFS - Interactive - read
    C) NTFS - Auth Users -Change
    D) NTFS - Managers - Change
    E) Share Permission - Network - read
    F) Share Permission - Interactive - read
    G) Share Permission - Managers - change

    I chose just D, book says D and E, why would do you need to add read share permission when Auth users should already have it by default?
  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    I would say the answer should have been "NTFS - Managers - Change" and "NTFS Permission - Network - read". Then Authenticated Users should also be granted read access on the share permissions.

    Is this from MeasureUp?
  • MikdillyMikdilly Member Posts: 309
    I would say the answer should have been "NTFS - Managers - Change" and "NTFS Permission - Network - read". Then Authenticated Users should also be granted read access on the share permissions.

    Is this from MeasureUp?

    But the question says only Managers should be able to read files locally, giving auth users ntfs - read would give them local access they shouldn't have.

    Question comes from mspress book for 290, the section at the back 'Preparing for the Exam', don't have the exact page, section 3.something.
  • dynamikdynamik Banned Posts: 12,312 ■■■■■■■■■□
    Both NTFS and Share permissions are used when accessing files and directories over the network. It wouldn't matter what share permissions you've given a group if they don't have NTFS permissions as well. It will look at both and use the most restrictive. i.e. If you have write share and read NTFS, you'd only be able to read. The opposite is also true; if you have read share and write NTFS, you'd only be able to read (at least over the network, you'd have write if you were logged on locally).
  • TontonsamTontonsam Member Posts: 90 ■■□□□□□□□□
    This question is a bit confusing me. If you give for Share permissions ony Network /Read and for NTFS MAnagers / Change, I think that only Managers will be able to access folder accross network cause we have to give also auth users ntfs permissions.
    Posted: Wed Oct 22, 2008 9:29 pm Post subject:


    I would say the answer should have been "NTFS - Managers - Change" and "NTFS Permission - Network - read". Then Authenticated Users should also be granted read access on the share permissions.
    You don't need to give Auth users read access to the share cause Auth users are included in the Network group.

    Edit: I think they have Network NTFS permissions with Read access. With that, auth users will have read access to the network but no access locally.
    MCP 70-270 / 70-290
  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    You still have to grant some level of share permissions.
  • MikdillyMikdilly Member Posts: 309
    Maybe someone can explain the answer to this question:

    You are configuring permisions for a shared folder on the network. You want all Auth Users to have read access to the files when attaching to the folder across the network, but only members of the Manager's group should be able to read the files when logged on locally to the computer containing the files. Managers also need to change files when logged on locally.

    All users are able to log on locally to the computer.

    What permissions do you need to set on the shared folder?

    A) NTFS - Interactive - Change
    B) NTFS - Interactive - read
    C) NTFS - Auth Users -Change
    D) NTFS - Managers - Change
    E) Share Permission - Network - read
    F) Share Permission - Interactive - read
    G) Share Permission - Managers - change

    Simulated this question with a shared folder on a server leaving default share permission of Everyone - Read and only adding NTFS - Change to Managers group. Signed on as ordinary user with no group membership other than what they would get by logging on. Was able to access files in the shared folder over the network.
  • astorrsastorrs Member Posts: 3,139 ■■■■■■□□□□
    Mikdilly wrote:
    Simulated this question with a shared folder on a server leaving default share permission of Everyone - Read and only adding NTFS - Change to Managers group. Signed on as ordinary user with no group membership other than what they would get by logging on. Was able to access files in the shared folder over the network.
    I assume you left the default NTFS permissions alone, hence why this worked. That's why I didn't like that question - it didn't specify what the defaults even were...
Sign In or Register to comment.