You are right, but Mustafa discusses not to modify share permissions as a general rule. If you wish to go through the extra work of modifying the advanced NTFS permissions for all of your network shares then by all means...
But if you just want to keep people from viewing folders in your shares it is easier to modify share permissions. In the original posting this is not the case obviously because they are trying to achieve a different goal. -----Original Message----- From: Roger Seielstad [mailto:[EMAIL PROTECTED]] Sent: Monday, December 30, 2002 11:49 AM To: NT 2000 Discussions Subject: RE: Possible STUPID NTFS Question That's only if you don't explicitly manage the List permissions for the shared folder (via NTFS), as was originally asked. ------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: Ed Esgro [mailto:[EMAIL PROTECTED]] > Sent: Monday, December 30, 2002 11:35 AM > To: NT 2000 Discussions > Subject: RE: Possible STUPID NTFS Question > > > I concur. > > If you allow full access to a share the people will be able > to view what is > in the share. > If a person goes to share name called HR and then sees a > directory below it > called "next month drug screens" they may be more inclined to > try to hack > their way into that folder. > What they don't know won't hurt them. > > -----Original Message----- > From: Andrew S. Baker [mailto:[EMAIL PROTECTED]] > Sent: Monday, December 30, 2002 11:24 AM > To: NT 2000 Discussions > Subject: RE: Possible STUPID NTFS Question > > I disagree. > > Using both sets of permissions (share and file) is a more > effective way > to manage resources, rather than letting everyone connect to every > share, only to find that they can't access anything below it. > > There are very few shares that I'll leave with "EVERYONE:F" on them. > > > > ============================================================== > ASB - http://www.ultratech-llc.com/KB/?File=Perms.TXT > ============================================================== > > > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]] On Behalf Of > Mustafa Ibrahim > Sent: Monday, December 30, 2002 10:23 AM > To: NT 2000 Discussions > Subject: RE: Possible STUPID NTFS Question > > > > It is best you don't mix Share permissions with NTFS. It can be > impossible to manage as it can cause confusion. Usually we'd > assign full > share permission to authenticated users, and lockdown the NTFS > permissions. I would highly recommend this. If what you want > is to hide > folders, it is much more sensible to use hidden shares and just map a > drive directly to that folder. I hope this helps. Good luck. > > > > -----Original Message----- > From: Chris H [mailto:[EMAIL PROTECTED]] > Sent: 30 December 2002 14:45 > To: NT 2000 Discussions > Subject: Possible STUPID NTFS Question > > > I have never actually had to do this before (but I do now thanks to my > boss! > :) > > Can you set up NTFS permission so if there are a group of > folders in the > root of a shared folder, a group has CHANGE SHARE permissions and then > CHANGE FOLDER permissions on ONE of the folders but not even > SEE (LIST?) > the rest of the folders? I have tried selecting the rest and setting > DENY on every option but you can still list them and see > them. Ideas? Am > I missing something stupid? Windows 2000 server sp3 > > Thanks! > > Chris > > > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > > > > > > *****This email and any files transmitted with it are confidential and > intended solely for the use of the addressee. If you have > received this > email in error please notify [EMAIL PROTECTED] Any > views or opinions > presented in this email are solely those of the author and do not > necessarily represent those of Stainsafe Inc. or any of its > subsidiaries or > affiliates. The company accepts no liability for any damage > caused by any > virus transmitted by this email.***** > > ------ > You are subscribed as [EMAIL PROTECTED] > Archives: http://www.swynk.com/sitesearch/search.asp > To unsubscribe send a blank email to %%email.unsub%% > ------ You are subscribed as [EMAIL PROTECTED] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to %%email.unsub%% *****This email and any files transmitted with it are confidential and intended solely for the use of the addressee. If you have received this email in error please notify [EMAIL PROTECTED] Any views or opinions presented in this email are solely those of the author and do not necessarily represent those of Stainsafe Inc. or any of its subsidiaries or affiliates. The company accepts no liability for any damage caused by any virus transmitted by this email.***** ------ You are subscribed as [email protected] Archives: http://www.swynk.com/sitesearch/search.asp To unsubscribe send a blank email to [EMAIL PROTECTED]
