4.7 Net Folder Role Requirements Are Rigidly Enforced

On NSS, NTFS, and SharePoint, it is possible to define customized permissions. For example, you can create a directory in which users can create files even though they have no permission to view them afterward.

Customized permissions do not apply to Filr.

The NSS, NTFS, and SharePoint requirements set forth in Table 4-2, Table 4-3, and Table 4-4 are very rigid.

If any permissions are missing for a given role, Filr defaults to a more restrictive role. Additionally, if each and every permission required for the Viewer role is not present, then Filr grants no role to the user, as illustrated in the following sections.

4.7.1 NSS Example

Figure 4-6 shows that if the NSS write right is missing, the user can only function as a viewer, even though all of the other Contributor-level rights are present.

Figure 4-6 Missing Write right limits to only Viewer role

4.7.2 NTFS Example

Figure 4-7 shows that for NTFS, if the Read & Execute privilege is missing, the user has no Net folder role, even though all of the other permissions are present.

Figure 4-7 Missing Read & Execute privilege prevents access through Filr

4.7.3 SharePoint Example

Figure 4-8 shows that, for SharePoint, if the Browse User Information privilege is missing, the user has no Net folder role, even though all of the other permissions are present.

Figure 4-8 Missing Browse User Information permission prevents access through Filr