Share Permissions… a simple pain

I finally got the data migrated to new storage at my organization. The information moved very quickly and went off without a hitch (and minimal yelling/frustration). The one area I found that was not so friendly is the Share Permissions on the destination storage.

I understand that the basic rule of permissions is least privilege, where the most restrictive setting wins. However I apparently missed this idea when configuring the shares where the data would land. As soon as the copy was completed, the email went out to alert the users that the new storage was all set and shortly thereafter, the emails came in that it wasn’t working.

Everyone had readonly access to the newly moved information. Read only is no good. And I proceeded to review all the NTFS permissions and look over all of the items that were copied because there was a problem with the NTFS permissions or how the copy was done (you know, the hard stuff has to be where the problem is).

After several looks at the completed project, and getting nowhere fast, I removed one of the shares using Share and storage manager. The removal was to prevent use of the share while I was troubleshooting the problem. When I decided that it was not the problem and that the read access was ok I rebuilt the share… In the wizard to read the share I found the options for Share permissions.

Then the light bulb went off…

If the Admins group has full control and everyone else has read only access to the share… the read only problem was right out front. The share was disallowing it. Changing these settings got the problem solved right away.

The lesson here is to think simple. Sure you need to think about the NTFS and more complex items as well, but most certainly do not leave out the easy upfront items because they are simple and likely shouldn’t be the problem. Many times these things will bring headaches that are not worth it… just check one more time. Had I looked into that one more time during prep, the entire migration would have been completed with the scheduled job… no weekend work required (by me at least).

About the author

Derek Schauland

Leave a Comment