Professional Documents
Culture Documents
Share and NTFS permissions function completely separately from each other, but
ultimately serve the same purpose: to prevent unauthorized access.
However, when NTFS and share permissions interact or when a shared folder is in a
separate
This sharedtofolder
site uses cookies providewith different
you with a bettershare permissions,
browsing usersinformation
experience. Further might not bebeable
may foundtoin the
intend.
Here are key differences between share and NTFS permissions so you’ll know what
to do.
What is NTFS?
A file system is a way of organizing a drive, indicating how data is stored on the
drive and what types of information can be attached to files, such as permissions
and file names.
NTFS (NT File System) stands for New Technology File System (NTFS). NTFS is the
latest file system that the Windows NT operating system uses for storing and
retrieving files. Prior to NTFS, the file allocation table (FAT) file system was the
primary file system in Microsoft’s older operating systems, and was designed for
small disks and simple folder structures.
NTFS file system supports larger file sizes and hard drives and is more secure than
FAT. Microsoft first introduced NTFS in 1993 with the release of Windows NT 3.1. It is
the file system used in Microsoft’s Windows 10, Windows 8, Windows 7, Windows
Vista, Windows XP, Windows 2000, and Windows NT operating systems.
NTFS Permissions
NTFS permissions are used to manage access to the files and folders that are
stored in NTFS file systems.
To see what kind of permissions you will be extending when you share a file or
folder:
This site Go
usestocookies
“Properties”
to provide you with a better browsing experience. Further information may be found in the
Besides Full Control, Change, and Read that can be set for groups or individually,
NTFS offer a few more permission options:
1. Full control: Allows users to read, write, change, and delete files and
subfolders. In addition, users can change permissions settings for all files and
subdirectories.
2. Modify: Allows users to read and write of files and subfolders; also allows
deletion of the folder.
3. Read & execute: Allows users to view and run executable files, including
scripts.
4. List folder contents: Permits viewing and listing of files and subfolders as well
as executing of files; inherited by folders only.
This site uses cookies to provide you with a better browsing experience. Further information may be found in the
5. Read: Varonis
AllowsSite
users to view the folder and subfolder contents.
Privacy Policy (https://www.varonis.com/privacy-policy/) Accept
https://www.varonis.com/blog/ntfs-permissions-vs-share/ 3/10
10/31/2018 NTFS Permissions vs Share: Everything You Need to Know
6. Write: Allows users to add files and subfolders, allows you to write to a file.
Share Permissions
When you share a folder and want to set the permissions for that folder – that’s a
share. Essentially, share permissions determine the type of access others have to
the shared folder across the network.
To see what kind of permissions you will be extending when you share a folder:
Go to “Properties”
Click on “Permissions”
This site uses cookies to provide you with a better browsing experience. Further information may be found in the
(https://www.varonis.com/blog/wp-content/uploads/2016/10/share-2.png)
There are three types of share permissions: Full Control, Change, and Read.
1. Full Control: Enables users to “read,” “change,” as well as edit permissions and
take ownership of files.
This site uses cookies to provide you with a better browsing experience. Further information may be found in the
For instance, if you have a “Read” folder in a subfolder share permission but then
someone creates a “Modify” share permission above it at a higher root, you may
have people getting higher levels of access then you intend.
When you are using share and NTFS permissions together, the most restrictive
permission wins.
If the share permissions are “Full Control”, NTFS permissions are “Read”, when a
This site uses cookies to provide you with a better browsing experience. Further information may be found in the
user accesses the file on the share, they will still be given a “Read” permission.
Varonis Site Privacy Policy (https://www.varonis.com/privacy-policy/) Accept
https://www.varonis.com/blog/ntfs-permissions-vs-share/ 6/10
10/31/2018 NTFS Permissions vs Share: Everything You Need to Know
When you look at the examples above, with just three types of permissions setting,
shared folder permissions provide limited security for your folders. Therefore, you
gain the greatest flexibility by using NTFS permissions to control access to shared
folders.
Moreover, NTFS permissions apply whether the resource is accessed locally or over
the network.
To do this, change the share permissions for the folder to “Full Control.”
You can then make whatever changes you want to the NTFS permissions without
having to worry about the share permissions interfering with your changes.
SUBMIT
(https://www.varonis.com/blog/sql- (https://www.varonis.com/blog/the-
server-best-practices-in-virtualized- mirai-botnet-attack-and-revenge-of-
environments/) the-internet-of-things/)
Most Popular
Top Podcast
Episodes
(https://www.varonis
.com/blog/security-
podcast/)
This site uses cookies to provide you with a better browsing experience. Further information may be found in the
Categories
C-Level
(https://www.varonis.com/blog/category/c-
level/)
Compliance & Regulation
(https://www.varonis.com/blog/category/com
pliance_and_regulation/)
Customer Success
(https://www.varonis.com/blog/category/cust
omer-success/)
Data Security
(https://www.varonis.com/blog/category/data
_security/)
IT Pros
(https://www.varonis.com/blog/category/it_p
ros/)
Privacy
(https://www.varonis.com/blog/category/priv
acy/)
Varonis News
(https://www.varonis.com/blog/category/varo
nis_news/)
TOP
(https://www.varonis.com/)
This site uses cookies to provide you with a better browsing experience. Further information may be found in the
https://www.varonis.com/blog/ntfs-permissions-vs-share/ 10/10