Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Thursday, December 29, 2011 7:53 PM
Is there any official Microsoft documentation for best practices and or recommended practices on the use of nested NTFS folder permissions?
All replies (3)
Saturday, December 31, 2011 12:02 AM ✅Answered
Hello Jim,
I don't think you will find something like a "best practices permission assignment on nested folders" because it depends from case to case and what you would like to achieve with those resources. There are some general best practices guidelines when it comes to assigning permissions but it depends on your folder architecture and what your goals are. Below you will find those general guidelines I was mentioning:
Best practices for permissions and user rights : http://technet.microsoft.com/en-us/library/cc779601(WS.10).aspx
Best Practices for Securing Files with NTFS Permissions : http://technet.microsoft.com/en-us/library/cc782737(WS.10).aspx
Best practices for Shared Folders : http://technet.microsoft.com/en-us/library/cc780313(WS.10).aspx
File and Folder Permissions : http://technet.microsoft.com/en-us/library/bb727008.aspx
If I can help with any additional informations please ask.
MCTS - Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Thursday, December 29, 2011 10:38 PM
Yes there is. Check out the liks below:
http://technet.microsoft.com/en-us/library/bb742592.aspx - An older post but the principle is the same. Go to creating groups.
http://en.wikipedia.org/wiki/AGDLP - wikipedia, always a good source, altough not microsoft...
http://technet.microsoft.com/en-us/library/cc755692(WS.10).aspx - Details about Group Scoping
Mostly you will learn about AGDLP an group nesting best practices in Microsoft courses or exam preparation kits. For example the 70-640 training kit(Active directory configuration).
Hope it helps.
MCTS - Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Friday, December 30, 2011 8:36 PM
Thanks Marius, but what I'm looking for is best practices, if there are any on nesting permissions on folders not nesting groups within groups:
Example:
Folder structure:
main_folder\subfolder1
main_folder\subfolder2
main_folder\subfolder3
main_folder\subfolder4
.
.
.
main_folder\subfolderX
ACL for main_folder_users RW has RW access to all folders
ACL subfolder1_users has RW access to subfolder1, but only traverse access on main_folder
ACL subfolder2_users has RW access to subfolder2, but only traverse access on main_folder
.
.
ACL subfolderX_users has RW access to subfolderX, but only traverse access on main_folder