I am currently facing difficulties in sharing files/folder over the network in WINDOWS 2003 domain environment.

PROLEM is easy to understand. I want to enable File/Folder sharing but restriction applies as one department can't access other department's shared folder.

First of all i can't understand two tabs one is Share Permissions another is Security Tab. I can understand that Share Permission relates to Network Sharing Permissions and Security Setting reflects to Local Security. But still can't differentiate properly where to set what for whom.

Now the main problem is file/folder sharing works ok as i want, but it only works when i add individual users in share permission setting, but doesn't work when i add users in group and then add group in share permission settings.

So i can't understand why it works with individual users and why doesn't work with users in group.

I want to assign permissons to group rather than individual users and facing this difficulty.



9 Years
Discussion Span
Last Post by Squires

You don't want to mess with share permissions too much. They are rather basic and only apply when a user is accessing a file or folder over the network. NTFS permissions apply to all users, local or network.

When determining what applies to whom remember this: when combining share and NTFS permissions, the most restrictive permissions between the two will be applied. For example, on a folder you have share permissions: everyone, read and NTFS permissions: everyone modify, it will take the most restrictive permissions, so someone accessing this folder across the network would only have read permissions. Lets the same person logged on to the machine locally, share permissions would not apply, because he is not going across the network. In this case only NTFS permissions would apply so he would have modify permissions.

Since the most restrictive permissions are used, and NTFS permissions apply to everyone while share permissions only apply to network users, it is common that an admin will set share permissions to full control - everyone. The admin will then use the NTFS permissions to restrict the files and folders as necassary. By putting share permissions at full control - everyone, the NTFS permissions will always be the most restrictive. This simplifies where ot set the permissions, while giving you more control as NTFS gives you more options for restricting access.

This topic has been dead for over six months. Start a new discussion instead.
Have something to contribute to this discussion? Please be thoughtful, detailed and courteous, and be sure to adhere to our posting rules.