NTFS deny still supercede Dynamic Access Control?


  • If I have a file with NTFS deny read for the sales group and then I configure Dynamic Access Control for the department = sales to have full access to that file.

    Does the 'deny" still wins because Dynamic Access Control is applied along with NTFS permission and deny ALWAYS wins?

    Previously, if Authenticated Users has full control and when the sales group has deny read, members of the sales group will have deny read.

    Tuesday, July 16, 2013 10:57 PM


All replies