Error Copying File or Folder

[dragontkm]

You are the network administrator for Company. The network consists of a single Active Directory domain named Company.com. All network servers run Windows Server 2003. All client computers run Windows XP Professional. An administrator named Sara creates a shared folder named Data on a server named Server1. The shared folder is a central location for users to store and share data. The shared folder is accessed only from the network. When a user named Karen attempts to copy a file name Sales.doc to a shared folder, she receives the error message shown in the exhibit.

Error Copying File or Folder

Cannot Copy Sales.doc. Access is denied.

Make sure that the disk is not full or write protected and that the file is not currently in use.

You view the effective permissions of the Users group for the Data folder

Effective Permissions for USERS group in Advanced Security Settings for DATA share:

All checked except for Full Control and Delete Subfolders and files

You need to ensure that users can modify documents in the Data shared folder.

What should you do?

A.Assign the Anonymous group theAllow - Full Control NTFS permissions for the Data folder.

B.Assign the Anonymous group theAllow - Change share permissions for the Data shared folder.

C.Instruct User to log off and then log on to her computer.

D.Enable File and Print Sharing on user's computer.

I like to say B is the correct answer. But study material say C is the correct one.

I'm thinking B becasue there is a note in the MS study material that in a Windows Server 2003 domain environment, you can allow members of the Anonymous Logon group to be members of the Everyone group on a domain controller by editing the domain security policy and also now with W2K3 Everyone Group now has READ only Share Permission by default.

It does not state that Administrator made any changes to the Everyone group READ share permission and therefore it stays at READ only and it is possible that Domain Security Policy is edited to allow Anonymous group be part of Everyone Group. That way, Anonymouse group will have whatver Everyone group has, which is READ only. If that is the case, Anonymous group needs to be assigned with NTFS - allow - CHANGE permission on the shared folder users are having trouble with. Notice though with my strategy I had to assume that Domain Security Policy's edited which was no part in the question. Still I'm not sure what role the USER group plays here.