Quantcast
Channel: File Services and Storage Forum
Viewing all articles
Browse latest Browse all 1766

Inherited permissions from "Parent Object" ?

$
0
0

I've been looking through some of the older posts regarding this issue and no one seems to have a answer as to why it's happing.  It's easy to fix but only if you catch it.

Issue:  Wheather on server 2008 or 2003 we have found that the permissions on a file and folder were wrong based on the security inheritance rules.  The problem perrmission is a inherited permission with the "Intherited From" (advance security permissions tab on said file or folder) stating  "Parent Object" and nothing more.   The catch is we have no idea were this came from.

1 occurrence)  a users was moving a folder then had no access to it.  We found the folder and the permissions were for the most part correct except one entry (group A) was listed and (group b) wasn't.  (Group B) was suppose to be there because the folder was set to inherit, but it didn't.  (Group A) stated that it was inherited but it was not present on the parent folder.   Funny thing was the permissions works as stated, even though we have no idea how they got there.  Group A also stated that it was inherited from "Parent Object".

2 occurrence) a user created a new folder.  This time the folder inherited all the correct groups, but 1 of them had the wrong permissions.  The parent had the group with Read Only.  The folder created had it as Read/Write and again it stated it was inherited, and inherited from "Parent Object".

Now other inherited permisions state which folder it came from if it is applied correctly.  So this is where the "parent object" part is troubling. 

Both of these incidents are very troubling to us becasue it gives the wrong or more permissions then what was intended or desired.  And it was only after a user ran into a problem that we discovered it.  I'm now writing a script to see if I can find more of these occurances.  In any case this, in my opinion, is a major problem and a bug that needs to be addressed by Microsoft.   If system admins can't rely on the permissons to be applied correctly then we have to seriously reconsider Microsoft as a secure file system solution.

We believe we have narrowed down the problem to Windows Explorer, but we are still trying to recreate the problem.

If anyone have additional information on this issue please let us know.

Thank you



Viewing all articles
Browse latest Browse all 1766

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>