Friday, June 22, 2012 10:40 PMPlease help me understand how local permissions (computer_name\users) gives remote users the same permission. Here is the scnerio. On the file server i created d: partition. it comes with Users (Computer_name\Users) group with permissions Read&Execute, list folder contents, Read rights. Under that drive i have shared folders so this is inherited to these folders. A domain user from network can reach these shared folders with exact same permissions given to Users(Computer_name\Users). if i remove it, domain user can not access to shared folders. I'm really confused now, this Users(Computer_name\Users) is not a local group how it can effect a domain user. Please help.
- Moved by Brad Mahugh - MSFT Thursday, April 25, 2013 11:15 PM off topic
Sunday, June 24, 2012 3:22 AM
This question should be in a different forum (Windows Server\File Services and Storage or Windows Server\General or Windows Server\Security). Maybe a moderator can move it.
I generally recommend adjusting permissions so that it only includes the explicit groups that you need. If you rely on default permissions, the behavior can often lead to trouble or confusion. In your case, the local Users group contains the domain group named Domain Users. Thus, you can think of the local Users group as the Domain Users group (assuming that the server in question is joined to the domain - which is my assumption when answering this question). Remove the local Users group from the permissions.
- Marked As Answer by Brad Mahugh - MSFT Thursday, April 25, 2013 11:14 PM