NTFS & Shared Permissions combined

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

Im being slightly confused regarding a practice question ive come across in the MS press book.

I think I may have not taken something in, even when i have reread the material, ..........

Ok from what I know, combining shared permissions and NTFS, the most restrictive permissions applies.

and then I got this question, I know ive obviously missed something.........maybe i need a little break from it, as i think im not thinking out of the box and mind is just full of most restriictive applies.........) I went for the fourth answer which was wrong.......and I sort of knew it was wrong, but my mind just got stuck in the mos restrictive applies.and well i had brain meltdown


Example Question below....................

A shared Folder is created called Bob on each workstation. The manager wishes his staff of 50 to access the shared folder remotely, but only with read permissions. Whilst when these same users access the same shared folder within the office, they should have full NTFS permissions.

Which is the best solution


Configure the shared folder permission to Read; NTFS permission Full Control.

Configure the shared folder permission to Full Control; NTFS permission Read.

Configure the shared folder permission to Read; NTFS permission Read.

Inform the managerthat it is not possible to configure the folder to meet his requirements.




-----------------------

 

Oh man! Ad-blocking software has been detected! :'(

This website is run by the community, for the community... and it needs advertisements in order to keep running. Blocking our ads means your killing our stats!
Please disable your ad-block, or become a premium member to hide all advertisements and this notice.

well the answer is 1 (update - books question - before you changed the questions meaning)

NTFS fullcontrol for each users local machine, where the files are stored and work on

and read for the share to restrict whilst working remotely

combined permissions for the share NTFS fullcontrol + share read = Read

each machine has a shared folder called Status

PS your breaking copyright rules

 

I'm opting for the last answer there.....not possible........from the given suggested solutions.

Most restrictive - example of this would be if parent/share is set to read, and you set full in a subfolder, the read set at top level takes presedence and the user will not actually get more than Read.....

Most admins as far as I've experienced set Full at top level and use NTFS permissions to subfolders below......

 

Kept the same subject but changed the actual question

I think i get it now, my brain has had some cola and seems to be relaxing a bit

 

No share permission set at the top level can take presedence..........and the most retrictive rule will come into effect if the permission set at share level is most restrictive.

If for example, you set full at share.........but Read only at NTFS.........then Read is the most restrictive, so Read is applied. Then you go on to Explicit allow and explicit deny........

 

In the example MS stated answer one is correct as stated by Andi

my brain still hurts though:P

 

Well that does not make sense to me......surely it does not matter which way you access the share.......the most restrictive rule will still apply if you access remotely or from the office..........

 

It's worth cross reading on this subject.......you'll be amazed how many very experienced guys I know who still get confused about this.

I had to study this hard to get it to stick for the 70-290 exam.........I'll check when I get home to see if I still have the notes I took around it.......and PM you if you want ?

 

daft_togger


the edited version now has a different meaning from that in the book as originally posted
so yes there answer is now 4


if you saw the original (had to be removed) i think your mis-reading the question .. tbh its not that clearly written (as in the book or software)

each user has a folder on their PC called Status

each user access their own folder locally at their PC requiring full control , hence NTFS full control

each user shares the folder on their PC. , shared as Read as requested

each user accessed their shared folder remotely, shared folder is Read, therefore combined permission is Read

each user access their own folder on their own pc remotely office, home whatever

the shared folder isnt on a single machine and shared out to the office, like i think your reading it
(each users pc has its own folder for remote access)

eg

it's....

\\computer1\Status
\\computer2\Status

etc

Colloghi' can you put a reference so people can find original question (as the edited version doesnt mean the same)?

 

from the MS PRESS BOOK, hope i can quote this........think its where ive gone wrong....

"Shared folder permisions are in effect only when a user connects to the shared folder across the network; they have no effect when the user is accesing a resource when the user is logged on locally to the computer. This is in contrast with NTFS permissions, which are in effect both when the user logs on locally and when the user accesses the resource across the network."

 

Yes that is correct.

the way the original question is written it isnt clear that its reffering to each users status folder and each user its accessing their own folder from their own pc.... not everyone accessing the same single shared folder

when it refers to the folder, it means the folder on each machine (which has been stated)

i do remember this question.... i know i had to re-read several times .. its one of them pig questions

what you now have written isn't the same

... and 4 would be the valid answer for your modification / doesn't make sense

 

Yeah I think thats where ive confused myself, the folder isnt a single folder and thats where ive gone wrong and got my knickers ina twist Its something Ill have to revamp my knowledge on over the weekend, other ill be stuck at the exam:|


The original question I had, i cant provide a link for it as its out the book. .......unfortunately.....


hmmm is there anyway to delete this topic, as i feel it may cause confusion now with anyone viewing it

 

edit original post, under your modified question write note referring to original and print the book title and page number.

then people can look it up.