How to use the logic of applying different access permissions
DESCRIPTIONThis article describes the logic of applying different access permissions and their combinations.
HOW IT WORKS1. Restrictive rules override the allowing ones;
2. Any user account not explicitly listed in an access control list (ACL) gets blocked by default.
Wrong unless you don't want to block access for everyone: 'Everyone:No access entry does not mean 'everyone except the accounts from the list'. It means 'everyone including those listed'.
Right: All accounts are blocked but for those that belong to 'Users' and 'Administrators' groups.
*In some cases it might be required that you add 'SYSTEM:Full control' entry for hard- or software to function properly.