Posted On March 28, 2019

Restricting Access to Directory in Windows Shares

kimconnect 0 comments
blog.KimConnect.com >> Windows >> Restricting Access to Directory in Windows Shares

– Only allow Admins write access to root folders
– NTFS permissions at root directory for the “Everyone” group: Traverse Folder, List Folder
– Enable access based enumeration on the share to allow users to view ONLY folders in which they can access
– Create and apply security domain local groups with explicit permission semantics such as:
— FILESERVER1_Global_Accounting_ReadOnly or SHAREPOINT_Accounting_ReadOnly
FILESERVER1 _Global_Accounting_Modify
FILESERVER1 _Global_Accounting_FullControl
– Create a Global Deny group and add all disabled accounts into it
– Apply Global Deny group to root directory with Deny Full control permissions

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Post

Kubernetes Ingress Error 502 Upon NextCloud Upgrades

Issue: Just the other day, I've attempted to run a 'helm upgrade…' command on my…

Other Information Technology Considerations

14.1 Windows Server 2016 release date is within six months to one year. Implementing Windows…

Exchange 2007 Installation Notes

 - Installing as co-existence with Exchange 2003 - Must install these services in order: Client…