Navigating file sharing on Windows can be tricky.
Navigating file sharing on Windows can be tricky.
Hello, I get the basics of file permissions and inherited rights, but sharing is what’s tricky. I know that before sharing a file, both local access and sharing settings are checked to see if the user can view, use, or change it. During advanced sharing setup, you have an option to set permissions, but there’s a default group list that appears—most of which I don’t recognize. I can add new groups or members, but I’m confused about why I’d include them if everyone is already selected. Also, it looks like I can’t remove the default selection, so adding someone or a group means they’ll inherit permissions from either the default group or the new ones.
Sure, I’ll try to be clearer. Please share the relevant image or details so I can help better.
you're looking to see how permissions work when adding a user named ilyas who can read and modify files. you want to know if only readers get access, while admins retain full control and ilyas are removed from the list of everyone. it's clear you're unsure about which permissions apply in this scenario, especially regarding access if admins aren't added. you mentioned difficulties with file sharing and are hoping for clarification from Microsoft.
as long as their name isn’t explicitly added in the folder settings under 'security', they’re considered part of the general list. imagine a shared folder with restricted access—read-only for most, read and modify for Ilyas, full control for admins. if a guest joins your network and connects via their device, they’re included in the general group because their account isn’t configured yet, so they can only view files. adding their name to an admin group grants them complete access since their username is recognized. however, creating a separate account on their machine still places them under 'everyone' as long as it’s not properly assigned.
The everyone setting allows unregistered users to gain access without forcing them to create an account. Does this apply to servers as well? Since you're referring to a local setup, it's important to consider whether domain-based or workgroup settings still matter in that context.
The setup is quite similar overall, though the home setup has fewer users. In a domain setting, typically multiple groups exist because of the large number of users and to simplify management for administrators. A system administrator forms these groups and removes all relevant users from each one. They establish various teams such as sales, finance, design, IT, etc. From the server side, they create these groups with appropriate permissions, set up network folders, and assign the right groups to the correct folders. This ensures that individuals in each department can only access the folders they’re authorized for. For example, a finance group would have access to the finance folder, while others are restricted. Generally, everyone isn’t included in a domain environment by default; they appear in the list but remain unchecked unless explicitly enabled.