HOTSPOT
You have a file server named Server1 that runs Windows Server 2012 R2. Server1 contains a folder named
Folder1.
You share Folder1 as Share1.
The permissions on Folder1 and Share1 are configured as shown in the following table.
A user named User1 is a member of Group2 and Group3. A user named User2 is a member of Group1 and
Group2.
You need to identify which actions the users can perform when they access the files in Share1.
What should you identify?
To answer, select the appropriate actions for each user in the answer area.
Hot Area:
Answer: 
Correct – User will get permissions from both groups so user1 will get Read & Execute and user2 will get Read & Write.
If share permissions had said for example, read only for everyone, then both User1 and User2 could only read.
2
0
Am I crazy or Microsoft changes his mind… The most restrictive right is always applied in priority, isn’t it ?! So User1 et User2 are members of Group2 so they only can “Read” et nothing else… ?
0
0
I think I got it, there is NO explicit “deny” so : “Permissions from different user groups that are at the same level (in terms of being directly-set or inherited, and in terms of being “deny” or “allow”) are cumulative. So if a user is a member of two groups, one of which has an “allow” permission of “Read” and the other has an “allow” of “Write”, the user will have both read and write permission–depending on the other rules above, of course.”
0
0