Options
Effective Permissions confused!!
spicc7
Member Posts: 47 ■■□□□□□□□□
Hi all,
First let me say this is an excellent site! I used the practice exams and technotes for my A+, Network+ exams.
I am gearing up to go for the 70-210 and I keep fumbling over security questions.
I know you guys can set the record straight.
When combining share and NTFS (Folder) permissions. Is it the least restrictive or most-restrictive. And could you please explain what's meant by "least/most".
By 'least' do you mean, the permission that gives the user the most control?
I apologize if this question was posted before. (couldn't find it)
Thanks in advance!
First let me say this is an excellent site! I used the practice exams and technotes for my A+, Network+ exams.
I am gearing up to go for the 70-210 and I keep fumbling over security questions.
I know you guys can set the record straight.
When combining share and NTFS (Folder) permissions. Is it the least restrictive or most-restrictive. And could you please explain what's meant by "least/most".
By 'least' do you mean, the permission that gives the user the most control?
I apologize if this question was posted before. (couldn't find it)
Thanks in advance!
__________________________________________
CCNA, CCNA Security, MCSA, MCP, A+, Network+
CCNA, CCNA Security, MCSA, MCP, A+, Network+
Comments
-
OptionsD-boy
Member Posts: 595
when combining share and NTFS permissions
the MOST restrictive right applies ie. Read and Full Control it is Read
when combining only NTFS permissions
the LEAST restictive applies ie. Read and Full Control it is Full Control
this permission overrides all other permissions
DENY
D-boy -
Optionsspicc7
Member Posts: 47 ■■□□□□□□□□
Thanks D-boy!
That really clears things up a lot.
Also I was able to tract down the answer through an archive post:
http://www.techexams.net/forums/viewtopic.php?t=257&highlight=effective+permissions
The poster suggested using a table with columns NTFS and SHARE
and then assigning each user or group a row. Then filling in the permissions for each column. This really helped me to visualize the process.
Thanks for your fast response - it helped me further clarify!
__________________________________________
CCNA, CCNA Security, MCSA, MCP, A+, Network+ -
Optionsaznluvsmc
Member Posts: 47 ■■□□□□□□□□
Actually, when combining NTFS permissions the term "Least restrictive" is not used. Multiple NTFS permissions are referred to as cumulative meaning we combine the permissions.
The reason we don't use Least restrictive is that both the Read permission and the Write permission are considered to be equal. It is possible to have one of these permissions without the other. -
Options
rossonieri#1
Member Posts: 799 ■■■□□□□□□□
i think i have the same problemo... well then, we have to study a lot harder i guessthe More I know, that is more and More I dont know. -
Optionstschnabel99
Member Posts: 51 ■■□□□□□□□□
Remember this!
Share Level Permissions=Folder
NTFS=File Level Permissions
Least Restrictive means to the user. Ex. Full Control vs. Read
Explanation: The appropriate way to determine effective permissions to a resource is illustrated in the three steps below:
1. Determine the effective share-level permission. The effective share-level permission will be the least restrictive permission of all of those assigned to a user or to groups that the user is a member of. The exception is the No Access permission which will override all other permissions.
2. Determine the effective NTFS permission. The effective NTFS permission will be the cumulative of all of the NTFS permissions assigned to the user and to groups that the user is a member of. The exception is if there are any Deny permissions assigned. Deny permissions will override Allow permissions.
3. The effective overall permission will be the most restrictive of the effective share-level permission and the effective NTFS permission. The most restrictive of Full Control and Read would be Read which would be the effective perms.Hain't no thang like a chicken wang!!
, Thanks aznluvsmc I forgot to mention that too... 
