Windows Server 2003: Proper permissions for a shared folder? - TechRepublic
Question
July 17, 2009 at 06:55 AM
barth.travis

Windows Server 2003: Proper permissions for a shared folder?

by barth.travis . Updated 16 years, 11 months ago

Hello,

I have a file server on a domain on which is stored individual shares for each user. I have a coworker who changes the permissions and adds, what I believe to be, unnecessary users and groups to the security list.

I need a ‘best practices’ answer on what the security settings should be for the shares.

There is one folder which contains all of the individual shares. One of the first things he does is share that root folder which I think is completely unnecessary, and all the subfolders, the actual shares, inherret all the crap from this.

For each individual share, he shares the folder with the following permissions:

The domain user name in question
Authenticated Users

The following are in the security list from him entering it manually and from the aforementioned root security settings:

Domain Administrators
Local machine administrators
Creator Owner
Domain Admins
Domain Users
System
Local machine users

This seems like a bloated, unsecured, shotgun approach to me.

My thoughts are as follows…

The share permissions:

The domain user name in question.

The security list, I would think, should take care of itself? The problem is that it inherits all the crap he has on the unnecessary root share, so I need to clean that up first.

Thanks in advance,

-Travis

This discussion is locked

All Comments