Click on the image to zoom
A shared resource provides access to applications, data, or a user's personal data. You can assign or deny permissions for each shared resource.
You can control access to shared resources with a variety of methods. You can use share permissions, which are simple to apply and manage. Or, you can use access control on the NTFS file system, which provides more detailed control of the shared resource and its contents. You can also use a combination of these methods. If you use a combination of these methods, the more restrictive permission always applies.
For example, if the share permission is set to Everyone = Read (which is the default), and the NTFS permission allows users to make changes to a shared file, the share permission applies, and the user is not allowed to change the file.
It is not always necessary to explicitly deny permission to a shared resource. Denying permission is usually necessary only when you want to override specific permissions that are already assigned.
