2. 计算机
  3. You are the administrator of your company’s network. A user named Paul in the service department has a Windows 2000 Professional

You are the administrator of your company’s network. A user named Paul in the service department has a Windows 2000 Professional

admin2009-05-19  29
问题 You are the administrator of your company’s network. A user named Paul in the service department has a Windows 2000 Professional computer. Paul needs to access the files that are in a shared folder on his computer. A local group named Sales has permissions to access the data. Paul is a member of the Sales local group but he cannot access the file he needs.

What should you do?
选项 A、Grant Paul NTFS permission so that he can access any parent folder to files in the shared folder.
B、Share the Sales folder and grant Paul shared folder permission to access the shared Sales folder.
C、Remove Paul from any other group that has been explicitly denied access to the Sales folder.
D、Delete the Sales local group and recreate it. Add individual user accounts from the Sales department back into Sales local group.
答案C
解析 Explanation: The Sales group, which Paul is a member of, has permission to access the files. However, Paul still cannot access the files. It would seem that Paul has a permissions conflict. A user can be granted file permissions in a number of contexts: as a user or as a member of a user group. When a user has different file permissions in multiple contexts, the most restrictive permission is applied. Furthermore, the deny permission overrides all other permissions. As Paul does not have access to the file you must therefore assume Paul has explicitly been denied access to the file in some context, as member of one or more groups that have been denied access to the file. You would thus have to remove Paul from such a group so that the restriction is not applied to Paul.

Incorrect answers:
A: Paul has already got NTFS permission to the file, since he belongs to the Sales group. The deny permission overrides all other file permissions. You therefore need to remove Paul’s user account from the groups that have been denied access to the file.

B: When a user has different file permissions in multiple contexts, the most restrictive permission is applied. Furthermore, the deny permission overrides all other permissions. As Paul does not have access to the file you must therefore assume Paul has explicitly been denied access to the file in some context, as member of one or more groups that have been denied access to the file. You would thus have to remove Paul from such a group so that the restriction is not applied to Paul.

D: The Sales group has been correctly configured and has full permissions to the files. Paul is a member of the Sales group and thus should have access to the files by virtue of his membership of that group. However, a user can be granted file permissions in a number of contexts: as user or as a member of a user group. When a user has different file permissions in multiple contexts, the most restrictive permission is applied. Furthermore, the deny permission overrides all other permissions. As Paul does not have access to the file you must therefore assume Paul has explicitly been denied access to the file in some context, as member of one or more groups that have been denied access to the file. You would thus have to remove Paul from such a group so that the restriction is not applied to Paul.
转载请注明原文地址:https://jikaoti.com/ti/e1O7FFFM
本试题收录于: 微软70210题库微软认证分类
0

微软70210

微软认证

相关试题推荐
随机试题
最新回复(0)