I’m trying to control access to some shares on my EX4100 using AD.
I’ve enabled AD on the device and my users / groups are showing.
I’ve been following this WD support documentation for setting access to AD users/groups and using the table at the bottom of the page: https://support.wdc.com/knowledgebase/answer.aspx?ID=11882
I’ve tried giving User1 access to a share. I’ve set all of the groups that User1 is a part of read-only permissions and the User1 itself read/write permissions. User1 can access the share. But so can EVERY other user, even though they are set to ‘DENY’ on the share.
If I then set ‘Domain Users’ AD group to deny, no one can access the share. When I change ‘Domain Users’ group back to read-only, only User1 can access the share (as wanted).
Is there a specific order in which to set these permissions? I’ve been picking a user, setting all the groups they are a part of to read-only on the share, then doing the user objects. Should I do user first before groups?
Can someone explain what the document means when it states ‘Domain Users Group’ and ‘Domain Admins Group’ in the table? What is the difference.
EDIT: I have a share. User1 permission on this share is deny but they can access the share. According to the table on the above link, regardless of the group settings, if the user is set to deny then they shouldn’t be able to access the share. Yet in my case they can. Any ideas?