No announcement yet.

NTFS Permissions

  • Filter
  • Time
  • Show
Clear All
new posts

  • NTFS Permissions

    Hi All

    I would like to get best practice for the following:

    On my w2k server, I have a folder that two people require full access, all others require read access.

    I have created 2 security groups, one for full access and added my 2 users, the other to be read only.

    I have added the full access group to the folder and granted full permissions. For the read only group, I am unsure what members the read only group should have. If I add domain users, my other 2 users would be part of that group and the most restrictive permissions apply, if my memory serves me correctly. Any help gratefully received.


  • #2
    Re: NTFS Permissions

    Originally posted by Ade256 View Post
    most restrictive permissions apply
    No, but yes.

    No, 'allow' permissions are summative. Granting someone 'Read' and 'Full Control' permissions means they have Full Control.

    Yes, deny permissions take precedence over allow. Denying someone 'Read' and granting 'Full Control' prevent them from opening the file.

    I strongly recommend against granting Full Control permissions to any user other than administrators and IT staff except where necessary, as this allows users to modify the permissions of a file.
    Gareth Howells

    BSc (Hons), MBCS, MCP, MCDST, ICCE

    Any advice is given in good faith and without warranty.

    Please give reputation points if somebody has helped you.

    "For by now I could have stretched out my hand and struck you and your people with a plague that would have wiped you off the Earth." (Exodus 9:15) - I could kill you with my thumb.

    "Everything that lives and moves will be food for you." (Genesis 9:3) - For every animal you don't eat, I'm going to eat three.