I'm a little confused on how permissions are applied in windows 7.
I noticed that like some folders in Program Files, an install directory from a program (in this case the Oracle client), have no options under their 'New' context menu other than to create a folder. In order to restore the context menu items I had to take ownership of the folder AND give my user account full control despite being a member of the local administrators group which also has full control. Why isn't access inherited from Administrators enough here?
At the same time, I've found that I can create a file with a command prompt with "run as administrator" using echo hello>test.txt without having direct permissions.
Other folders have only administrators on it and I can access the "new" menu just fine.
What mechanisms are at play here? What is the flow for checking permissions? I'd like to definitively understand this so I can effectively troubleshoot it. I'm guessing that user access control is the variable I'm missing but that's a guess.
One of those articles involves something along Opalis Integration Server Client and the other describes a fairly simplistic senario of where a child object has a different permission than the parent - not much mystery there. My question revolves around group vs user permissions.
Again, there are no permissions applied directly to the user, but instead the administrators group (which the user is a member of). Yet the 'New' context menu's only option is 'new folder'. As soon as I add the user directly to the folder, the other options appear under 'New.' is there some special permissions mechanism for the 'New' menu that doesn't look at group memebership?
Please check the deny permission for this user or the groups this user belongs to.
Denied permissions are always checked before allowed, if System finds that the user matchs a denied rules when doing security checks, it will stop security check and deny the user's request despite this user in the other allowed rules.
TechNet Community Support
- Edited by Juke ChouMicrosoft contingent staff, Moderator Monday, February 20, 2012 2:29 AM