Skip to end of metadata
Go to start of metadata

Network Folders with NTFS Permissions

To use Network Folders with NTFS Permissions, it might be required to install and configure the FileCloud Helper Service. See more information.


If you need to use Network Folders with NTFS permissions, it is strongly recommded to run FileCloud on Windows Servers instead of Linux.

Many organizations have Windows based Network Folders that are shared with employees. The permissions on these Network Folders are managed using NTFS rights setup for various users and groups (usually from Active Directory). FileCloud can use the same NTFS permissions on the Network Folders for user authorization and access to these resources.

To setup a network Folder with NTFS permissions please set permissions type to "NTFS" and then optionally install the FileCloud helper service.




Go to Manage Groups, and give permission to EVERYONE group.


After setting up the network folder for NTFS Permissions, you might need to optionally configure and install the FIleCloud helper service.

 

Additional Information and Troubleshooting

Note: When user membership in a AD group is modified, that change is not propagated immediately and is cached by Windows. See http://support.microsoft.com/kb/871159 for more information.
As a result, if you change a user group membership, it might not be picked up NTFS helper immediately. It might take some time ranging from 10 minutes to several hours before the change is picked up. If you need the changes to be picked up immediately, you can restart the helper service.

Notes:

  • Make sure that don't have a local machine account name as the domain user account. This will cause problems.
  • If you get authzinitializecontextfromsid errors, make sure the account running the Helper service has full permissions to look up user accounts, Also make sure the user account name is not the same as the computer name, use a different name.

How share permissions and NTFS permissions work together

When sharing a network folder, it is important that the Share Permissions for the network share are setup with the right permissions for all the users. If you are setting up NTFS permissions in the folders, make sure to allow full control in the Share Permissions dialog.

From Microsoft's Documentation at (http://windows.microsoft.com/en-us/windows-vista/share-files-and-folders-over-the-network-from-windows-vista-inside-out)

The implementation of share permissions and NTFS permissions is confusingly similar, but it’s important to recognize that these are two separate levels of access control. Only connections that successfully pass through both gates are granted access.

Share permissions control network access to a particular resource. Share permissions do not affect users who log on locally. You set share permissions in the Advanced Sharing dialog box, which you access from the Sharing tab of a folder’s properties dialog box.

NTFS permissions apply to folders and files on an NTFS-formatted drive. They provide extremely granular control over an object. For each user to whom you want to grant access, you can specify exactly what they’re allowed to do: run programs, view folder contents, create new files, change existing files, and so on. You set NTFS permissions on the Security tab of the properties dialog box for a folder or file.

It’s important to recognize that the two types of permissions are combined in the most restrictive way. If, for example, a user is granted Read permission on the network share, it doesn’t matter whether or not the account has Full Control NTFS permissions on the same folder; the user gets only Read access when connecting over the network.

 

 

  • No labels