Information Technology Reference
In-Depth Information
FigureĀ 4.4 shows this user's permissions. The Marketing group has Read and Execute
permissions to the
Stellacon Documents
folder. The Sales group has Read and Write,
and the R&D group has Full Control. Since wpanek is a member of all three groups,
wpanek would get Full Control (the highest level).
Security settings on the
Stellacon Documents
folder
figuRe 4.4
Stellacon Documents
Marketing
Sales
R&D
RX
RW
FC
The only time this does not apply is with the Deny permission. Deny overrides any other
group setting. Taking the same example, if Sales has Deny permission for the
Stellacon
Documents
folder, the user wpanek would be denied access to that folder. The only way
around this Deny is if you added wpanek directly to the folder and gave him individual
permissions (see Figure 4.5). Individual permissions override a group Deny. In this example,
the individual right of wpanek would override the Sales group's Deny. The user's security
permission for the
Stellacon Documents
folder would be Full Control.
figuRe 4.5
Individual permissions
Stellacon Documents
Marketin
g
RX
Sales
Deny
R&D
FC
wpanek
FC
Give users only the permissions necessary to do their jobs. Do not give
them higher levels than they need.
Understanding Shared Permissions
When you set up a folder to be shared, you have the ability to assign that folder's permis-
sions.
Shared permissions
can be placed only on the folder and not on individual files. Files
have the ability to inherit their permissions from the parent folder.
Shared folder permissions are in effect only when users are remote to the shared data. In
other words, if computer A shares a folder called
Downloads
and assigns that folder shared
permissions, those permissions would apply only if you connected to that share from a
machine other than computer A. If you were sitting in front of computer A, the shared
permissions would not apply.
Search WWH ::
Custom Search