Share permissions

[Chris]

I have a user that is in a two different group, attached
to the same share. One group he is read-only, and the
other is modify. There is no deny permissions. Now, the
customers permissions would be modify, correct? The
permissions combined between the groups, No? When would
this be different, only if there is a deny?

Thanks in advance

 

[Steven L Umbach]

That is correct. The user's permission to a share would be the most permissive based
on his group membership/user permissions unless he has a deny permission as a result
of group membership or direct user. You can and should also use ntfs permissions in
addition to share permissions to control a users access to a share. In that case the
allowed access will be the most restrictive of the two types of permissions - share
or ntfs. --- Steve