Examining Share-Level Security
Most data on Windows file servers is accessed using a share. The share is a network alias assigned to a folder (for example, \\file\marketing). Shares can also be assigned security settings for access control. These share-level permissions are a legacy component left over from legacy file systems that did not support file and folder permissions (for example, FAT, FAT32). As a result, they are an outdated implementation and poor control and granularity. In many situations, share permissions only serve to make troubleshooting more complex, and data is secured with file-level permissions only. However, for more sensitive systems or shares, it may be prudent to use both layers of protection in case of an error in configuration ...
Get Windows Server® 2012 Unleashed now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
