Folder Shares: question about security

[Guest Rob]

Hello,

 

When I share a folder, I see two tabs in the properties window: Sharing and

Security. In the Sharing tab, there's the Permissions button that allows me

to add users to access this shared folder, and then in the Security tab it

allows me to do the same with more granular options.

 

What is the difference between these two security models? If I were to

simply grant a user in the same domain to access a shared folder, which of

these two options should I use. On a side note, what if the user belongs to

another (but trusted) domain, would it still be possible for that user to

access the share?

 

Thank you.

[Guest RichGK]

Re: Folder Shares: question about security

 

On 14 Apr, 15:46, Rob <R...@discussions.microsoft.com> wrote:

> Hello,

>

> When I share a folder, I see two tabs in the properties window: Sharing and

> Security. In the Sharing tab, there's the Permissions button that allows me

> to add users to access this shared folder, and then in the Security tab it

> allows me to do the same with more granular options.

>

> What is the difference between these two security models? If I were to

> simply grant a user in the same domain to access a shared folder, which of

> these two options should I use. On a side note, what if the user belongs to

> another (but trusted) domain, would it still be possible for that user to

> access the share?

>

> Thank you.

 

Common (best) practice is to set Share Permissions for Everyone to

full control and then use NTFS security to provide the restrictive

access you require.

 

If using a FAT drive you only have access to share permissions, in

this case you need to know the limitations (of which there are

plenty).

 

If mixing share permissions and NTFS security (which is not a good

idea if only because you don't need to) then the share permissions

will be the most restrictive.