Effective Permissions

[dragontkm]

Please help explain:

Why can't user access the data in shared folder while having the Effective Permissions in the Advance Security Settings to the resource for her??

Thx in advance

[cluberti]

What are the NTFS permissions on the actual folder? Share permissions control share access, but NTFS permissions also apply after share permissions have been processed.

[dragontkm]

Originally, it came from this exam question. I'm taking 70-290 soon and studying on my own with limited materials.

You are the network administrator for Company.com

The network consists of a single Active Directory domain named Company.com. All network servers run

Windows Server 2003 .All client computers run Windows XP Professional.

A user named Laura regurarly accesses a folder named LauraDocs on a server named Company1.

You instruct another administrator to audit and modify share permissions and NTFS permissions on

. Now, Laura reports that she cannot access the shared folder from the network.

You verify that no changes were made to group memberships in the domain. On Company1, you view effective permissions for the LauraDocs folder, as shown in the exhibit, You need to ensure that Laura can access the data in the shared folder.

What should you do?

Exhibit shows; All effective Permission Entries selected except for Full Control,Delete Subfolders and Filters. (and they are in shaded boxes so, I assume that they are inherinted entries)

A.Add Laura's user account to the ACL on the Sharingtab.

B.Instruct Laura to log off and log on to the computer.

C.Delete Laura's user account and re-create the user account.

D.Add Laura'user account to the local Power Users group.

I'm picking answer A because it is the closest I could imagine. But i like to know the real reason behind this. I'm confused as to why we cannot correct this by making sure correct NTFS permissions applied to the user account for the resource access. Why bother share? permission? there is no exhibit that shows standard NTFS permissions.

thx in advance

Edited March 2, 2006 by dragontkm

[CptMurphy]

When dealing with NTFS and sharing permissions, the most restrictive permissions get put in place. By default, the everyone group get full control. If this was changed so that it was removed, you'll more than likely have issues. Since the everyone group was proabably removed, you deny access to everyone unless specifically specified in the shared permissions. I hope this helps.

[dragontkm]

thx everyone.. I was just sitting in the dark thinking about it. Clear now