December 2019
Beginner
510 pages
12h 7m
English
Content preview from Networking Fundamentals
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
Start your free trial
Combining share and NTFS permissions
We have already identified that NTFS permissions are effective both locally and over the network. Therefore, what if a user tries accessing a resource where the two sets of permissions conflict with each other? We perform a three-step process to identify the effective permission:
- Look at the share permissions and take the least restrictive.
- Look at the NTFS permissions and take the least restrictive.
- Compare the two least restrictive permissions you identified at step 1 and step 2, and the most restrictive of these applies.
I'm going to give an example here to reinforce this. A user is in the groups listed:
|
Group |
Share permission |
NTFS permission |
|
Sales |
Full Control |
Read |
|
Managers |