Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Windows Security *Sharing* vs *Security* tab

Status
Not open for further replies.

chutcheson

IS-IT--Management
Dec 17, 2002
49
US
What exactly is the difference between the Sharing and Security tab? The sharing tab gives access to the folder over the network while the security tab gives access locally on the machine itself. Is this correct?

I'm trying to figure out the best way to give a group access to a folder on my Windows 2003 server.

Thanks.
 
The most secure way is to keep the NTFS permissions tight. The sharing permissions are not strong or flexible.
 
If you added group x to the sharing tab with change/read permission on a particular folder and left the security tab at default. Will group x be able to gain access and work with folder x across the network?
 
By default, the NTFS security permissions assigned to a folder for the user group are read and execute, read, and list folder contents.

Will group x be able to gain access and work with folder x across the network?
They will be able to access to the share. Given change/read share permissions and the default NTFS permissions, group x will be able to read from the folder but not write. This is based on the assumption that group x is comprised of users.

As a general rule, the most restrictive of NTFS and share permissions regulates access to a shared directory.

[purple]
SnoopFrogg
MCSA+Security - Windows Server 2003
[/purple]
 
So that means I should really control the folder with the "Security" tab then, correct? I just don't want to be redundant.
 
In a nutshell, the security tab is the more secure way to maintain security.
 
So that means I should really control the folder with the "Security" tab then, correct?
The quick answer is yes, due to the granularity of NTFS permissions. A complete answer would be yes, but remember that accessing data through the shares depends on the combination of share and NTFS persmissions. Make sure you understand how these two combine as not understanding may create security holes.

[purple]
SnoopFrogg
MCSA+Security - Windows Server 2003
[/purple]
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top